Windows Analysis Report
https://www.baidu.com/link?url=7AgUGxkCgEsQdPm9T1PXcA0XghaPOWMLvdhGyyVngg844uS4x-KZy4IMqs1ov0OgdFqhAB-_X2oOV9exK4hWC_&wd=ZWxraW58WTI5eVpUUmpaUzVqYjIwPXxNYkdVSlpkdVROdWNyeW1UWU1laElVVW1QbGRGb0F5RmNLcWJadW1CT01YYw==

Overview

General Information

Sample URL: https://www.baidu.com/link?url=7AgUGxkCgEsQdPm9T1PXcA0XghaPOWMLvdhGyyVngg844uS4x-KZy4IMqs1ov0OgdFqhAB-_X2oOV9exK4hWC_&wd=ZWxraW58WTI5eVpUUmpaUzVqYjIwPXxNYkdVSlpkdVROdWNyeW1UWU1laElVVW1QbGRGb0F5RmNLcWJ
Analysis ID: 1529267
Detection

HTMLPhisher
Score: 60
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected HtmlPhish54
Phishing site detected (based on favicon image match)
Phishing site detected (based on image similarity)
Phishing site detected (based on logo match)
Detected hidden input values containing email addresses (often used in phishing pages)
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML title does not match URL

Classification

Phishing

Source: Yara match File source: 0.2.id.script.csv, type: HTML
Source: Yara match File source: 0.12.i.script.csv, type: HTML
Source: Yara match File source: 0.0.pages.csv, type: HTML
Source: Yara match File source: 0.1.pages.csv, type: HTML
Source: Yara match File source: 0.3.pages.csv, type: HTML
Source: https://vivaloud.top Matcher: Template: microsoft matched with high similarity
Source: https://passwordreset.activedirectory.windowsazure.us/?ru=https%3a%2f%2flogin.microsoftonline.us%2fcommon%2freprocess%3fctx%3drQQIARAAjVRLjNtkEN5stqGPhS49ceKx4lRIYjt-rqjUbLJx7MROnMQbO4AsP347f_xK_EhiV8u5x4pjjxw4FCFViANUKkIcOHBpz1UrIS5UPSBUJNTeyLaqhDjxafRp9GkOM6P55nIRraAH7yMvgZVPuYzYNlo2wWn2L0SXzu_9cGPXd_--d_fywdvPP_r6r5NbhXemSTKPD6rVME28MHQroW1DE1TM0K-GK736XaFwv1B4XCh8vv0m8FwYXDXDCOAvK25tU2SNJnEEoTB0QziN01SFMRkSYAxdNizELOO0DsoMReFlA0cxAtBobRMPti_26mkyxU4pjGAOnm6fs8PI1-ZhnNws3jsTSRJXH9Trs0mrb4i8wwoGJR-rh_KEHfEajQSe0-kqQ0Tk56ojOeuGOOCThTuVu2Q2iyY2ktPyuN-MXWVmIqrQngke7PfgkAX9w1VGZIqXZUAM4GowFZvdmMfMsdEPgjyribib20uaHqz4GOfQsjfidZfoHM8H7NGCNTWgRKwT0gEuo7NU65c1dirEgYhSDBtSh56itIUxMnXlRhpmbRkOxZY8llWPYIHUwmf0QK83pGa73sxzRR3og_w4zUzYoHoBiwnAk2uZPh-7Gy2v0zDvr0dixjvYiJ0Qi8SHE3XpsvMmZ65RXvRcN5UmBJ-PDdsij-I0JkjTIdyF1MeRtSW7HUUZjSVqrMFZrTPPe7h2ZHmqDDK1tcDmGDZcuscwbK31I5ZQ24Z3FEHZlWMi9fVG1x92CFmSUclIE31pabKAo3K8sBY0QoqRmVCyKkzWC0cTvJbiyxqK2WquHWONpTnuYiFOCv3Jus7PRjIaS_3msub4OSPgCOcccXPHoxoRJkr9AGpC7Cg9ag6UgO62WkiZjhgbGBzLTOUhOWYS1SRsw22rbWgpcLwgR0jSOV5PFD30B-ok8JsMOaRGIACaktsp7fI559Q5vKtyKnfY5zoD0DUadmMIUzg3siO946zWojhumolK8zQn1Ec04_TolpaMTKKhGU2Dg1Ki6guMaav8wsdIh1pInCCLsQ-MxPIAIMmmibVE6NI8a7Uz027idrPZG69JLR05ODulyilBqaO00Zb1VX-F3Sr-L5N-UyxtfOWHwS_FUjgHAbTu7xR-3Sk82dlFigdnz57f23pr692tpzufvPLtEi51L0ytShLOqyRpAxO1dJTGSIRkKKOGMwZD6dWwqrcHiNkWyG7GLC1lEBsYE3V9xp_43mwyJGYGhlwpe84L039xZvMrCsndh1_9vMt9-dnqt_e-vVm4UdpE6U7p3Nni3tZ-sdFHfypd8qEZhXFoJ2HgwQBU0vhxqfBnafv6a1t3zl191aMXOjCo_Lf29MW8HLYq6gkMA91rnE7SAhaIXgjXLxTuXyg82MXPl0xPh3586fK1fWhpSeiCYP_g2v7ajzXTPM02S0hBvH_w8f6msf1PT05Ofnx969kbzx89-v32s-__aD-5-CFVlegICyRnUM9Ie3MVSKu7WOtgHg_VmvKByw4g2xnWgcWsrtze2_oH0&mkt=en-US&hosted=0&device_platform=Windows+10 Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://passwordreset.activedirectory.windowsazure.us/?ru=https%3a%2f%2flogin.microsoftonline.us%2fcommon%2freprocess%3fctx%3drQQIARAAjVRLjNtkEN5stqGPhS49ceKx4lRIYjt-rqjUbLJx7MROnMQbO4AsP347f_xK_EhiV8u5x4pjjxw4FCFViANUKkIcOHBpz1UrIS5UPSBUJNTeyLaqhDjxafRp9 Matcher: Template: microsoft matched
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNik8JGdHycfD4fDDOWx6_uTg4Gh7-u57YTuCHUawPw2&nc_client_reply_address=https%3a%2f%2fvivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9vdXRsb29rLm9mZmljZS5jb20=-lg%2fowa%2f&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2fNationalCloudFederation&login_hint=elkin%40core4ce.com&login_hint_disambig=1&response_mode=form_post&client-request-id=6d0c90be-f66b-bdcf-2a3a-1ef93cadf37d# HTTP Parser: elkin@core4ce.com
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: Number of links: 0
Source: https://passwordreset.activedirectory.windowsazure.us/?ru=https%3a%2f%2flogin.microsoftonline.us%2fcommon%2freprocess%3fctx%3drQQIARAAjVRLjNtkEN5stqGPhS49ceKx4lRIYjt-rqjUbLJx7MROnMQbO4AsP347f_xK_EhiV8u5x4pjjxw4FCFViANUKkIcOHBpz1UrIS5UPSBUJNTeyLaqhDjxafRp9GkOM6P55nIRraAH7yMvgZVPuYzYNlo2wWn2L0SXzu_9cGPXd_--d_fywdvPP_r6r5NbhXemSTKPD6rVME28MHQroW1DE1TM0K-GK736XaFwv1B4XCh8vv0m8FwYXDXDCOAvK25tU2SNJnEEoTB0QziN01SFMRkSYAxdNizELOO0DsoMReFlA0cxAtBobRMPti_26mkyxU4pjGAOnm6fs8PI1-ZhnNws3jsTSRJXH9Trs0mrb4i8wwoGJR-rh_KEHfEajQSe0-kqQ0Tk56ojOeuGOOCThTuVu2Q2iyY2ktPyuN-MXWVmIqrQngke7PfgkAX9w1VGZIqXZUAM4GowFZvdmMfMsdEPgjyribib20uaHqz4GOfQsjfidZfoHM8H7NGCNTWgRKwT0gEuo7NU65c1dirEgYhSDBtSh56itIUxMnXlRhpmbRkOxZY8llWPYIHUwmf0QK83pGa73sxzRR3og_w4zUzYoHoBiwnAk2uZPh-7Gy2v0zDvr0dixjvYiJ0Qi8SHE3XpsvMmZ65RXvRcN5UmBJ-PDdsij-I0JkjTIdyF1MeRtSW7HUUZjSVqrMFZrTPPe7h2ZHmqDDK1tcDmGDZcuscwbK31I5ZQ24Z3FEHZlWMi9fVG1x92CFmSUclIE31pabKAo3K8sBY0QoqRmVCyKkzWC0cTvJbiyxqK2WquHWONpTnuYiFOCv3Jus7PRjIaS_3msub4OSPgCOcccXPHoxoRJkr9AGpC7Cg9ag6UgO62WkiZjhgbGBzLTO... HTTP Parser: Number of links: 0
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: <input type="password" .../> found
Source: https://vivaloud.top/66fec1da18260697b349b97a/om/ZWxraW58WTI5eVpUUmpaUzVqYjIwPXxNYkdVSlpkdVROdWNyeW1UWU1laElVVW1QbGRGb0F5RmNLcWJadW1CT01YYw%3D%3D HTTP Parser: No favicon
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: No favicon
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.activedirectory.windowsazure.us/?ru=https%3a%2f%2flogin.microsoftonline.us%2fcommon%2freprocess%3fctx%3drQQIARAAjVRLjNtkEN5stqGPhS49ceKx4lRIYjt-rqjUbLJx7MROnMQbO4AsP347f_xK_EhiV8u5x4pjjxw4FCFViANUKkIcOHBpz1UrIS5UPSBUJNTeyLaqhDjxafRp9GkOM6P55nIRraAH7yMvgZVPuYzYNlo2wWn2L0SXzu_9cGPXd_--d_fywdvPP_r6r5NbhXemSTKPD6rVME28MHQroW1DE1TM0K-GK736XaFwv1B4XCh8vv0m8FwYXDXDCOAvK25tU2SNJnEEoTB0QziN01SFMRkSYAxdNizELOO0DsoMReFlA0cxAtBobRMPti_26mkyxU4pjGAOnm6fs8PI1-ZhnNws3jsTSRJXH9Trs0mrb4i8wwoGJR-rh_KEHfEajQSe0-kqQ0Tk56ojOeuGOOCThTuVu2Q2iyY2ktPyuN-MXWVmIqrQngke7PfgkAX9w1VGZIqXZUAM4GowFZvdmMfMsdEPgjyribib20uaHqz4GOfQsjfidZfoHM8H7NGCNTWgRKwT0gEuo7NU65c1dirEgYhSDBtSh56itIUxMnXlRhpmbRkOxZY8llWPYIHUwmf0QK83pGa73sxzRR3og_w4zUzYoHoBiwnAk2uZPh-7Gy2v0zDvr0dixjvYiJ0Qi8SHE3XpsvMmZ65RXvRcN5UmBJ-PDdsij-I0JkjTIdyF1MeRtSW7HUUZjSVqrMFZrTPPe7h2ZHmqDDK1tcDmGDZcuscwbK31I5ZQ24Z3FEHZlWMi9fVG1x92CFmSUclIE31pabKAo3K8sBY0QoqRmVCyKkzWC0cTvJbiyxqK2WquHWONpTnuYiFOCv3Jus7PRjIaS_3msub4OSPgCOcccXPHoxoRJkr9AGpC7Cg9ag6UgO62WkiZjhgbGBzLTO HTTP Parser: No <meta name="author".. found
Source: https://vivaloud.top/66fec1da18260697b349b97a/o/aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUudXM=-lg/common/OAuth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&resource=00000002-0000-0ff1-ce00-000000000000&state=DYtBEoAgCAAxp-eQiCTwHDXPHft-zOzubRMA5PAIE0VAe7MuRMo1Iiamly_vm91wPrRQbGx0VcEple9ttQUp3rO83yg_&nc_proxy_request=1&nc_proxy_state=rQQIARAAjZFPbNJgGMb7UVYBUZGTJ_80nlgKLXS0NJpYgQgxCNRJtqkhUL6yjrZf0z8UWPDskXjc0YMHjMliPOiSGePBwy5yXlyyeNniwRhNDLsJ2cWbPnnzy3N4kzfv88RwJs4I1-lTJak5KVpRGEqGc_eXrGgo8n4U1ju_P-_GhMsnN179Go7BlXXHMW0hkUCuoyHUiSNFUWUYl5GeQF4j8RaACQDHADzzXYRaRzVuyciC7OnG2MelU3yapWkuyczA8izPxTNyJg2TGZ5qtmiZYvkGpDIcx1JNlkkuQZ5JzWbfd6Esus56cg5kqQP40xdUkKXXTWQ7W_ij3KpzO4_EdlYUeyYFq2p22SvkVioFxaEG5YHblEriUkUs5umaCLmSK5UQU1Qbutavd_UM41Usqdq806Nrct7UYMZxqg_MlFXmU_12fYz_V2CvcWL2o46MPZxAJjTU1sQPDv3gmz9M40IgEIpgl7Cr2NQPni_MsgXO7peXn8LFF0-8r9febIG9hUS6W9tYc5fbkHYHidXiWq6T0tKVxZXaomRYZnmD96S7Tene_Xzfu8kJzIgAI4LYIYIBPIKReLbCfCSiuipbyEaKgwxNNWDctY8J8IMAT89gO8F_tTc5C_bDbIiQtYaq29HYJqm26g7qQIMUNsmebtdlee66Dc2FNi... HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.activedirectory.windowsazure.us/?ru=https%3a%2f%2flogin.microsoftonline.us%2fcommon%2freprocess%3fctx%3drQQIARAAjVRLjNtkEN5stqGPhS49ceKx4lRIYjt-rqjUbLJx7MROnMQbO4AsP347f_xK_EhiV8u5x4pjjxw4FCFViANUKkIcOHBpz1UrIS5UPSBUJNTeyLaqhDjxafRp9GkOM6P55nIRraAH7yMvgZVPuYzYNlo2wWn2L0SXzu_9cGPXd_--d_fywdvPP_r6r5NbhXemSTKPD6rVME28MHQroW1DE1TM0K-GK736XaFwv1B4XCh8vv0m8FwYXDXDCOAvK25tU2SNJnEEoTB0QziN01SFMRkSYAxdNizELOO0DsoMReFlA0cxAtBobRMPti_26mkyxU4pjGAOnm6fs8PI1-ZhnNws3jsTSRJXH9Trs0mrb4i8wwoGJR-rh_KEHfEajQSe0-kqQ0Tk56ojOeuGOOCThTuVu2Q2iyY2ktPyuN-MXWVmIqrQngke7PfgkAX9w1VGZIqXZUAM4GowFZvdmMfMsdEPgjyribib20uaHqz4GOfQsjfidZfoHM8H7NGCNTWgRKwT0gEuo7NU65c1dirEgYhSDBtSh56itIUxMnXlRhpmbRkOxZY8llWPYIHUwmf0QK83pGa73sxzRR3og_w4zUzYoHoBiwnAk2uZPh-7Gy2v0zDvr0dixjvYiJ0Qi8SHE3XpsvMmZ65RXvRcN5UmBJ-PDdsij-I0JkjTIdyF1MeRtSW7HUUZjSVqrMFZrTPPe7h2ZHmqDDK1tcDmGDZcuscwbK31I5ZQ24Z3FEHZlWMi9fVG1x92CFmSUclIE31pabKAo3K8sBY0QoqRmVCyKkzWC0cTvJbiyxqK2WquHWONpTnuYiFOCv3Jus7PRjIaS_3msub4OSPgCOcccXPHoxoRJkr9AGpC7Cg9ag6UgO62WkiZjhgbGBzLTO... HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:61532 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:61569 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.4:61529 -> 162.159.36.2:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vivaloud.topsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vivaloud.topsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vivaloud.topsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6ebb54f4-vnbklnuh5ks5smrcmee6risenblah0-slhtg962nt-y/logintenantbranding/0/illustration?ts=638481933549179137 HTTP/1.1Host: aadcdn.msftauthimages.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6ebb54f4-vnbklnuh5ks5smrcmee6risenblah0-slhtg962nt-y/logintenantbranding/0/bannerlogo?ts=638476018421341664 HTTP/1.1Host: aadcdn.msftauthimages.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vivaloud.top/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6ebb54f4-vnbklnuh5ks5smrcmee6risenblah0-slhtg962nt-y/logintenantbranding/0/bannerlogo?ts=638476018421341664 HTTP/1.1Host: aadcdn.msftauthimages.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /6ebb54f4-vnbklnuh5ks5smrcmee6risenblah0-slhtg962nt-y/logintenantbranding/0/illustration?ts=638481933549179137 HTTP/1.1Host: aadcdn.msftauthimages.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: www.baidu.com
Source: global traffic DNS traffic detected: DNS query: www.themarbleandgranitecompany.co.uk
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: vivaloud.top
Source: global traffic DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: login.microsoftonline.us
Source: global traffic DNS traffic detected: DNS query: outlook.office365.com
Source: global traffic DNS traffic detected: DNS query: r4.res.office365.com
Source: global traffic DNS traffic detected: DNS query: aadcdn.msftauthimages.us
Source: global traffic DNS traffic detected: DNS query: passwordreset.activedirectory.windowsazure.us
Source: global traffic DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: unknown HTTP traffic detected: POST /report/v4?s=6oBcOfYnWqCtCT0JwndvK7YR8r1cskKmc5RpqAO1%2F%2B9GjcPEnZuca8Y%2FWqyLe29S2AphRYvKVEtTZPv31q98u9GcJLutYGndQaelclflGAfHNoUa21yQvX9%2FeSDVgGc%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 523 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: chromecache_93.2.dr, chromecache_139.2.dr String found in binary or memory: http://feross.org
Source: chromecache_151.2.dr String found in binary or memory: http://github.com/jquery/globalize
Source: chromecache_121.2.dr, chromecache_122.2.dr, chromecache_111.2.dr, chromecache_99.2.dr String found in binary or memory: http://knockoutjs.com/
Source: chromecache_121.2.dr, chromecache_122.2.dr, chromecache_111.2.dr, chromecache_99.2.dr String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_136.2.dr String found in binary or memory: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js
Source: chromecache_134.2.dr String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_93.2.dr, chromecache_139.2.dr, chromecache_121.2.dr, chromecache_123.2.dr, chromecache_122.2.dr, chromecache_124.2.dr, chromecache_111.2.dr, chromecache_99.2.dr String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_97.2.dr String found in binary or memory: https://vivaloud.top/66fec1da18260697b349b97a/om/ZWxraW58WTI5eVpUUmpaUzVqYjIwPXxNYkdVSlpkdVROdWNyeW1
Source: chromecache_106.2.dr String found in binary or memory: https://www.themarbleandgranitecompany.co.uk/
Source: unknown Network traffic detected: HTTP traffic on port 61682 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 61603 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61693 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61710
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61711
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61713
Source: unknown Network traffic detected: HTTP traffic on port 61706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61624 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61570 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61608
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61609
Source: unknown Network traffic detected: HTTP traffic on port 61543 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61600
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61601
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61602
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61603
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61604
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61605
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61606
Source: unknown Network traffic detected: HTTP traffic on port 61613 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61607
Source: unknown Network traffic detected: HTTP traffic on port 61707 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 61669 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 61571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61619
Source: unknown Network traffic detected: HTTP traffic on port 61636 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61670 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61611
Source: unknown Network traffic detected: HTTP traffic on port 61582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61612
Source: unknown Network traffic detected: HTTP traffic on port 61559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61613
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61614
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61615
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61616
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61617
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61618
Source: unknown Network traffic detected: HTTP traffic on port 61647 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 61681 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61610
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61590
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61591
Source: unknown Network traffic detected: HTTP traffic on port 61639 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61589
Source: unknown Network traffic detected: HTTP traffic on port 61640 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61581
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61582
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61583
Source: unknown Network traffic detected: HTTP traffic on port 61577 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61584
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61585
Source: unknown Network traffic detected: HTTP traffic on port 61663 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61586
Source: unknown Network traffic detected: HTTP traffic on port 61554 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61587
Source: unknown Network traffic detected: HTTP traffic on port 61686 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61588
Source: unknown Network traffic detected: HTTP traffic on port 61628 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61651 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61697 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61592
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61593
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61594
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61595
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61596
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61597
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61598
Source: unknown Network traffic detected: HTTP traffic on port 61536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61599
Source: unknown Network traffic detected: HTTP traffic on port 61652 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61604 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61589 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61547 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61617 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61708 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 61685 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61696 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61650 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61545
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61666
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61546
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61667
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61547
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61668
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61548
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61669
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61549
Source: unknown Network traffic detected: HTTP traffic on port 61615 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61590 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61660
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61540
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61661
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61541
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61662
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61542
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61663
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61664
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61543
Source: unknown Network traffic detected: HTTP traffic on port 61535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61544
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61665
Source: unknown Network traffic detected: HTTP traffic on port 61546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61638 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61677
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61557
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61678
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61679
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61559
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61670
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61550
Source: unknown Network traffic detected: HTTP traffic on port 61578 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61671
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61551
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61672
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61552
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61673
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61553
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61674
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61554
Source: unknown Network traffic detected: HTTP traffic on port 61649 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61675
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61555
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61676
Source: unknown Network traffic detected: HTTP traffic on port 61627 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61690
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61688
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61568
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61689
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61569
Source: unknown Network traffic detected: HTTP traffic on port 61579 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61680
Source: unknown Network traffic detected: HTTP traffic on port 61684 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61560
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61681
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61561
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61682
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61562
Source: unknown Network traffic detected: HTTP traffic on port 61661 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61683
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61684
Source: unknown Network traffic detected: HTTP traffic on port 61556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61564
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61685
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61565
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61686
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61566
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61687
Source: unknown Network traffic detected: HTTP traffic on port 61605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61580
Source: unknown Network traffic detected: HTTP traffic on port 61710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61695 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61578
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61699
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61579
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61570
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61691
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61571
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61692
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61572
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61693
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61573
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61694
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61574
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61695
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61575
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61696
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61576
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61697
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61577
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 61698
Source: unknown Network traffic detected: HTTP traffic on port 61654 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61711 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61597 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61631 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61619 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61539 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61666 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61620 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61574 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61665 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61552 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61688 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61632 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61699 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61700 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61643 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61538 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61629 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61564 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61587 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61701 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61630 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61641 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61618 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61687 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61553 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61608 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61599 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61698 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61642 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61653 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61664 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61560 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61692 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61611 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61634 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61542 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61702 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61645 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61595 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61610 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61679 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61691 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61623 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61646 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61657 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61561 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61612 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61609 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61572 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61668 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61541 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61644 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61621 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61573 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61550 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61667 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61655 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61690 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61584 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61633 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61656 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61585 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61596 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61540 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61689 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61622 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61551 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:61532 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.51:443 -> 192.168.2.4:61569 version: TLS 1.2
Source: classification engine Classification label: mal60.phis.win@20/117@34/11
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=2112,i,1976848936731450565,5995352911465103930,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.baidu.com/link?url=7AgUGxkCgEsQdPm9T1PXcA0XghaPOWMLvdhGyyVngg844uS4x-KZy4IMqs1ov0OgdFqhAB-_X2oOV9exK4hWC_&wd=ZWxraW58WTI5eVpUUmpaUzVqYjIwPXxNYkdVSlpkdVROdWNyeW1UWU1laElVVW1QbGRGb0F5RmNLcWJadW1CT01YYw=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected