Windows Analysis Report
https://productlab.groupe-rocher.com/Advitium/login.asp

Overview

General Information

Sample URL:	https://productlab.groupe-rocher.com/Advitium/login.asp
Analysis ID:	1532986
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page (G)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Classification

Signatures

Phishing

AI detected phishing page (G)

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

LLM: Score: 7 Reasons: The domain name "productlab.groupe-rocher.com" includes "groupe-rocher.com", which is not directly related to the brand name "Lascom"., The legitimate domain for Lascom is "lascom.com"., The presence of input fields for "User Code", "Password", and "System Language" is expected for a product software website like Lascom, but on a potentially unrelated domain raises suspicion., Groupe Rocher is a cosmetics company, while Lascom provides PLM (Product Lifecycle Management) software. This difference in industry and service raises concerns about the legitimacy of the provided URL related to Lascom. DOM: 0.5.pages.csv

HTML body contains low number of good links

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: Title: Lascom CPG does not match URL

Submit button contains javascript call

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: <input type="password" .../> found

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No favicon
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No favicon

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:57804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57806 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:57803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:58418 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zXubGz9VS2Heupo&MD=Nx9PrlAm HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zXubGz9VS2Heupo&MD=Nx9PrlAm HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: productlab.groupe-rocher.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: baxhwiiccjae2zymykra-f-88643dc9c-clientnsv4-s.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: 684dd311.akstat.io
Source: global traffic	DNS traffic detected: DNS query: baxhwiiccjae2zymyktq-f-8c5a7db05-clientnsv4-s.akamaihd.net

Source: chromecache_156.2.dr	String found in binary or memory: http://bugs.jqueryui.com/ticket/7233
Source: chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://docs.jquery.com/UI
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Accordion#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Autocomplete#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Button#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Datepicker#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Dialog#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Menu#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Progressbar#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Resizable#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Selectable#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Slider#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Tabs#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Theming/API
Source: chromecache_156.2.dr, chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_156.2.dr, chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://jqueryui.com/about)
Source: chromecache_156.2.dr	String found in binary or memory: http://jqueryui.com/themeroller/
Source: chromecache_170.2.dr, chromecache_149.2.dr	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57924
Source: unknown	Network traffic detected: HTTP traffic on port 57886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57920
Source: unknown	Network traffic detected: HTTP traffic on port 57811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57819
Source: unknown	Network traffic detected: HTTP traffic on port 57977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57818
Source: unknown	Network traffic detected: HTTP traffic on port 57851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57939
Source: unknown	Network traffic detected: HTTP traffic on port 57816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57936
Source: unknown	Network traffic detected: HTTP traffic on port 57960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57814
Source: unknown	Network traffic detected: HTTP traffic on port 57925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57935
Source: unknown	Network traffic detected: HTTP traffic on port 57868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57931
Source: unknown	Network traffic detected: HTTP traffic on port 57919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57948
Source: unknown	Network traffic detected: HTTP traffic on port 57827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57825
Source: unknown	Network traffic detected: HTTP traffic on port 57926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57820
Source: unknown	Network traffic detected: HTTP traffic on port 57903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57942
Source: unknown	Network traffic detected: HTTP traffic on port 57885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57950
Source: unknown	Network traffic detected: HTTP traffic on port 57971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57835
Source: unknown	Network traffic detected: HTTP traffic on port 57948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57953
Source: unknown	Network traffic detected: HTTP traffic on port 57835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57961
Source: unknown	Network traffic detected: HTTP traffic on port 57810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57960
Source: unknown	Network traffic detected: HTTP traffic on port 57863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 57873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57909
Source: unknown	Network traffic detected: HTTP traffic on port 57955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57908
Source: unknown	Network traffic detected: HTTP traffic on port 57978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57907
Source: unknown	Network traffic detected: HTTP traffic on port 57817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57906
Source: unknown	Network traffic detected: HTTP traffic on port 57949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57901
Source: unknown	Network traffic detected: HTTP traffic on port 57961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57902
Source: unknown	Network traffic detected: HTTP traffic on port 57922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 57895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57919
Source: unknown	Network traffic detected: HTTP traffic on port 57933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57916
Source: unknown	Network traffic detected: HTTP traffic on port 57927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57915
Source: unknown	Network traffic detected: HTTP traffic on port 57845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57917
Source: unknown	Network traffic detected: HTTP traffic on port 57983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57911
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57910
Source: unknown	Network traffic detected: HTTP traffic on port 57884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57886
Source: unknown	Network traffic detected: HTTP traffic on port 57940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57887
Source: unknown	Network traffic detected: HTTP traffic on port 57860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57895
Source: unknown	Network traffic detected: HTTP traffic on port 57883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57890
Source: unknown	Network traffic detected: HTTP traffic on port 57872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57898
Source: unknown	Network traffic detected: HTTP traffic on port 57837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 57818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57846
Source: unknown	Network traffic detected: HTTP traffic on port 57924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57843
Source: unknown	Network traffic detected: HTTP traffic on port 57901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57964
Source: unknown	Network traffic detected: HTTP traffic on port 57918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57971
Source: unknown	Network traffic detected: HTTP traffic on port 57815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57978
Source: unknown	Network traffic detected: HTTP traffic on port 57830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57859
Source: unknown	Network traffic detected: HTTP traffic on port 57864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57862
Source: unknown	Network traffic detected: HTTP traffic on port 57882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57983
Source: unknown	Network traffic detected: HTTP traffic on port 57858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57861
Source: unknown	Network traffic detected: HTTP traffic on port 57942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57982
Source: unknown	Network traffic detected: HTTP traffic on port 57970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57987
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57986
Source: unknown	Network traffic detected: HTTP traffic on port 57859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57873
Source: unknown	Network traffic detected: HTTP traffic on port 57941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57872
Source: unknown	Network traffic detected: HTTP traffic on port 57881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57878
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57874
Source: unknown	Network traffic detected: HTTP traffic on port 57887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57876
Source: unknown	Network traffic detected: HTTP traffic on port 57902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57882
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57883
Source: unknown	Network traffic detected: HTTP traffic on port 57814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57880
Source: unknown	Network traffic detected: HTTP traffic on port 57913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57898 -> 443

Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:57804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57806 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@21/74@20/3

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2024,i,18257968916526087547,7377922921570812397,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://productlab.groupe-rocher.com/Advitium/login.asp"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2024,i,18257968916526087547,7377922921570812397,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
216.58.206.36	www.google.com	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
s-part-0044.t-0009.fb-t-msedge.net	13.107.253.72	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
www.google.com	216.58.206.36	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
productlab.groupe-rocher.com	unknown	unknown
s.go-mpulse.net	unknown	unknown
baxhwiiccjae2zymyktq-f-8c5a7db05-clientnsv4-s.akamaihd.net	unknown	unknown
684dd311.akstat.io	unknown	unknown
c.go-mpulse.net	unknown	unknown
baxhwiiccjae2zymykra-f-88643dc9c-clientnsv4-s.akamaihd.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://productlab.groupe-rocher.com/Advitium/login.asp	true		unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 131	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	D7749948326084F186484D52F2404CA3	B313A81EFF6A4F6DAD9288ED60018AF6A55CED8C	6FA9807D40456217DB7A8B9E04BF664879ABA6FA9C1023FA6F013F0016699403
Chrome Cache Entry: 132	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	9258C432A558C87350798F2AE5480A62	39FCFC7C0368F9E7417F3856E604EA8D9D2F068E	3588B6E830969E6A9194E975577E597031D2E7219358F387C1B59D37741B8710
Chrome Cache Entry: 133	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	1EECCE1B032497248ED0229F7C01A0E5	4ED0402572414B376E4FD8AB5F10F48DC406F586	29AE551B8DC21F9FE35C9D3F002788DDC6D54874C341DD9804CFFC6DE42C8CDE
Chrome Cache Entry: 134	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	3F2535A9D727E4F0A7FAD4696B65F6D4	7E3032F569877A1F41F728229C0BA1A9CCEE3CAF	9551E5BCF362E0FF9D385076DC30FAE364D015A60D9AFB404475AE0CC6909076
Chrome Cache Entry: 135	PNG image data, 304 x 96, 8-bit/color RGBA, non-interlaced	510BE3E3A49D6EAF3C780C0EC0239AD5	92B9BA3DC1E31DA6F84E1AE79AEE90805ECD28C0	1F6189D6D0D8D6636317059EB95E825AACDEE096D92B79611097F7C7B3DBD992
Chrome Cache Entry: 136	ASCII text, with CRLF line terminators	D4E487D76E885DEE2CD5B78A410CB6EE	7790DAAAC8E8BA5B0BA3AB575A1F3D7AD57F857B	CBCC53050E0F24E258B9D16C0200A4E545034088FBEA379717CC8FF9FAB886B6
Chrome Cache Entry: 137	C source, ASCII text, with very long lines (65103)	FA4C76A7FDE62B18054CF7EB8E946012	B20150066A879D2B78DD3D4908F4ACD148EE66F8	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
Chrome Cache Entry: 138	ASCII text, with no line terminators	5CE9C1B145907F0F36BAA784128BE067	2B40FFCB26D85FDF146C8BF0CB430D32E53EC133	78651FB305B322ACF9098EFAB061E6C73940DA897EA48CF9C74EC69A727FCBF6
Chrome Cache Entry: 139	PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced	1EECCE1B032497248ED0229F7C01A0E5	4ED0402572414B376E4FD8AB5F10F48DC406F586	29AE551B8DC21F9FE35C9D3F002788DDC6D54874C341DD9804CFFC6DE42C8CDE
Chrome Cache Entry: 140	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	49E373C55C77A2E08489D578C4F337A3	DB7989E62815A6A8801923CEE7FF16816AFD7D69	E4282950EC0D09D120FFB6ED87E42EAE8FD5815B00D89915290D96CE71E6EA69
Chrome Cache Entry: 141	ASCII text, with CRLF line terminators	6DE87EADF5B8838FE530D9B76634A31C	2375197BB0CC5E43652204B713A45EB40AD9FC81	E0B938E869699655FFF632EBAA26BF5CDD617983CB97ADED8494DA9BD7D2E5A2
Chrome Cache Entry: 142	GIF image data, version 89a, 44 x 44	AE214867625580473B7828BBEFF4391B	A53958345B34101DB7584260FBE422B60CFBB613	44756082A167E6926844393F2AAC9D02D9D790E8429708A7F1DB92B815A637AE
Chrome Cache Entry: 143	Unicode text, UTF-8 (with BOM) text, with very long lines (563), with CRLF line terminators	FB92FBE8AB0F16527F4E56FF208AB293	8927F2145D620EB54C224B6819EF35A941F69DD3	AD0AF070C088D96498C1CF3ED693CF7A9CEB6BBCA5A9260307F12BC37670A6E8
Chrome Cache Entry: 144	JSON data	192F75EC98C096996250D4304DC8F8FE	5C957F93A8E1F5133972BD5F17C484311E3618CF	D81B4007BFAEAEE353694ABE412D5859AAAC4E0D8F91E5AFDCF02FE1261E9A2D
Chrome Cache Entry: 145	JSON data	75DD8BC29047BC78CF9AF2204B18C13E	8362E3D4457A7F2A5E81608D4E24FEF1470D2A3B	2A3FFE9D8F70DF26F66E2AD23134BA3B59F569D024777E8F3D219B37621113CB
Chrome Cache Entry: 146	ASCII text, with CRLF line terminators	9D30D3842EF79EF6ADE3743479037C5C	3E6237C2D80CBF36ADB04D84A3779E97640EDE84	32527260325137F3B06CC4CEFF01326C36BB885B831268AC9B25EA14DE1F72C6
Chrome Cache Entry: 147	MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	333667455FE647ED3F72D116E7D6B39C	87364589DEECB4519C8BA45815898B4A734500C5	422DECD57F5834B09E24695847018BB769B93FC90DB8279E11BA5ED96F8E8E40
Chrome Cache Entry: 148	Unicode text, UTF-8 (with BOM) text, with very long lines (563), with CRLF line terminators	FB92FBE8AB0F16527F4E56FF208AB293	8927F2145D620EB54C224B6819EF35A941F69DD3	AD0AF070C088D96498C1CF3ED693CF7A9CEB6BBCA5A9260307F12BC37670A6E8
Chrome Cache Entry: 149	ASCII text, with CRLF line terminators	1DD1B1ABDF5894576E572A57DFE92B2A	E8B8289A9C897707B753EB934155A57BE0183D71	17A9BA7177834249BF5E448F8BFDFFC2E74B25DD3DFA1C86B801D0A28352379D
Chrome Cache Entry: 150	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	C6CB03248C84C5527E13899CAFA40346	9E95B2A8E43B2E3A2F7664E8F6077E9A1EC0AD8E	688F5972A3D41482ECEE397ECB0743C9462DDFFA67F882FB79E6A26DB8347B31
Chrome Cache Entry: 151	PNG image data, 304 x 96, 8-bit/color RGBA, non-interlaced	510BE3E3A49D6EAF3C780C0EC0239AD5	92B9BA3DC1E31DA6F84E1AE79AEE90805ECD28C0	1F6189D6D0D8D6636317059EB95E825AACDEE096D92B79611097F7C7B3DBD992
Chrome Cache Entry: 152	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1191x580, components 3	7F19C35D60767F2B1426604498C88717	13AB549621154238822C7F193183C4CB08D1AB62	D9D80D5388103E29842A486A37AFD471F3C07F36F5B09E93B67EAE84CF339F0A
Chrome Cache Entry: 153	ASCII text, with CRLF line terminators	69EBF41EF4F44C50BBCDCF382698058B	958552726B8C7BBDE5616174BD5F02887BA4BE67	732447BC3315A146C1B4DCFEAC8DC7BE56F9103AE57AE43F4A201D0424AF652B
Chrome Cache Entry: 154	JSON data	75499531F26BE7DB8985A6D375318BAC	65A218F2C7D53FF73455A210B18442B5C0412E79	16391C277AAFD63B2864DDEBAF9F5224736C47A196ADF82C681F2F55966F6DBD
Chrome Cache Entry: 155	ASCII text, with CRLF line terminators	41C22A696959FDB8B928C2627EBE41D0	535B286A38D78CA90DC5E4BCBE1EAE5342C2233F	7125CFFBB722D3D804AB871836FF9B6663BC78D7AB17C15C193CD812A95166ED
Chrome Cache Entry: 156	ASCII text, with very long lines (500)	5EA2F6F49EF02CAB5137A5AA900AB0D4	02241CC1F5B1AB71D5809D92E109F854E3310BBE	E28D4B1EF31882396F2D8F033E5EDE070E6168FAB62F13DE4F23444AB17987C1
Chrome Cache Entry: 157	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	32ABD16B7A3FBE4BC16A99177ECA8435	C4DA3B1CF8949728ED25677CE08C60525B0DD393	528AC587B239FAFFCDFBF3120AA7F3672F17376199C034A2ABAC3B944B5477CF
Chrome Cache Entry: 158	GIF image data, version 89a, 44 x 44	AE214867625580473B7828BBEFF4391B	A53958345B34101DB7584260FBE422B60CFBB613	44756082A167E6926844393F2AAC9D02D9D790E8429708A7F1DB92B815A637AE
Chrome Cache Entry: 159	HTML document, Unicode text, UTF-8 text, with very long lines (32769)	B8D64D0BC142B3F670CC0611B0AEBCAE	ABCD2BA13348F178B17141B445BC99F1917D47AF	47B68DCE8CB6805AD5B3EA4D27AF92A241F4E29A5C12A274C852E4346A0500B4
Chrome Cache Entry: 160	JSON data	7713E33C4FBAE1AE5006A5730CB7545E	4A766202F3A158616C472F3C7F8498E924D36EDA	C0C871D14AE4E658BFDF110592B66E8816D50BAF1106D49C99CE3B1ABDA60B96
Chrome Cache Entry: 161	ASCII text, with CRLF line terminators	69EBF41EF4F44C50BBCDCF382698058B	958552726B8C7BBDE5616174BD5F02887BA4BE67	732447BC3315A146C1B4DCFEAC8DC7BE56F9103AE57AE43F4A201D0424AF652B
Chrome Cache Entry: 162	ASCII text, with CRLF line terminators	D4E487D76E885DEE2CD5B78A410CB6EE	7790DAAAC8E8BA5B0BA3AB575A1F3D7AD57F857B	CBCC53050E0F24E258B9D16C0200A4E545034088FBEA379717CC8FF9FAB886B6
Chrome Cache Entry: 163	HTML document, Unicode text, UTF-8 text, with very long lines (32769)	B8D64D0BC142B3F670CC0611B0AEBCAE	ABCD2BA13348F178B17141B445BC99F1917D47AF	47B68DCE8CB6805AD5B3EA4D27AF92A241F4E29A5C12A274C852E4346A0500B4
Chrome Cache Entry: 164	MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	333667455FE647ED3F72D116E7D6B39C	87364589DEECB4519C8BA45815898B4A734500C5	422DECD57F5834B09E24695847018BB769B93FC90DB8279E11BA5ED96F8E8E40
Chrome Cache Entry: 165	Unicode text, UTF-8 (with BOM) text, with very long lines (347), with CRLF line terminators	732F51D2608E3A855AF0332F1DFACF51	7DD5ED16B9EB113353D7EEF0E1948A974EDFEB61	5FCE22CB95F03AA4BA9225A487390147E108ACF98CF6902C4F1C17D9EA469D82
Chrome Cache Entry: 166	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	AC811E5D86729A5F7AD2F7C68350EA65	F5D4C5197A2A826EBF1D64E2FEE7D08ECDC65062	1FF0D0276F7662949E0E60683D1843623F92BFA38C5EF15165C551818D26C6DF
Chrome Cache Entry: 167	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	49E373C55C77A2E08489D578C4F337A3	DB7989E62815A6A8801923CEE7FF16816AFD7D69	E4282950EC0D09D120FFB6ED87E42EAE8FD5815B00D89915290D96CE71E6EA69
Chrome Cache Entry: 168	ASCII text, with CRLF line terminators	6DE87EADF5B8838FE530D9B76634A31C	2375197BB0CC5E43652204B713A45EB40AD9FC81	E0B938E869699655FFF632EBAA26BF5CDD617983CB97ADED8494DA9BD7D2E5A2
Chrome Cache Entry: 169	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	AC811E5D86729A5F7AD2F7C68350EA65	F5D4C5197A2A826EBF1D64E2FEE7D08ECDC65062	1FF0D0276F7662949E0E60683D1843623F92BFA38C5EF15165C551818D26C6DF
Chrome Cache Entry: 170	ASCII text, with CRLF line terminators	1DD1B1ABDF5894576E572A57DFE92B2A	E8B8289A9C897707B753EB934155A57BE0183D71	17A9BA7177834249BF5E448F8BFDFFC2E74B25DD3DFA1C86B801D0A28352379D
Chrome Cache Entry: 171	Unicode text, UTF-8 (with BOM) text, with very long lines (347), with CRLF line terminators	732F51D2608E3A855AF0332F1DFACF51	7DD5ED16B9EB113353D7EEF0E1948A974EDFEB61	5FCE22CB95F03AA4BA9225A487390147E108ACF98CF6902C4F1C17D9EA469D82
Chrome Cache Entry: 172	C source, ASCII text, with very long lines (65103)	FA4C76A7FDE62B18054CF7EB8E946012	B20150066A879D2B78DD3D4908F4ACD148EE66F8	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
Chrome Cache Entry: 173	ASCII text, with CRLF line terminators	5007E4314F3AF7E1FD521496E67DDD8C	330F22B682E22EE3B462C4A421AAECE5B2D0066B	3482172C23BFE3042777440BEB8F3F5BBC21AF273D4F6626CBB4362128400987
Chrome Cache Entry: 174	JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1191x580, components 3	7F19C35D60767F2B1426604498C88717	13AB549621154238822C7F193183C4CB08D1AB62	D9D80D5388103E29842A486A37AFD471F3C07F36F5B09E93B67EAE84CF339F0A
Chrome Cache Entry: 175	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	99BE0C13C83086A7BC86D4E7CDC34EE6	34DA5F88C65C4BC885FFCD4A37A01184D69DC456	8C6CD06DE65F2D862A05DB5540478B796B9FB2739D110C0F605197436FE84EBF
Chrome Cache Entry: 176	ASCII text, with CRLF line terminators	5007E4314F3AF7E1FD521496E67DDD8C	330F22B682E22EE3B462C4A421AAECE5B2D0066B	3482172C23BFE3042777440BEB8F3F5BBC21AF273D4F6626CBB4362128400987

Phishing

AI detected phishing page (G)

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTML body contains low number of good links

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: Title: Lascom CPG does not match URL

Submit button contains javascript call

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: LoginClicked();
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: On click: SetUserPassword();

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: Iframe src: Blank.asp

Source: https://productlab.groupe-rocher.com/Advitium/login.asp

HTTP Parser: <input type="password" .../> found

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No favicon
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No favicon

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="author".. found

Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found
Source: https://productlab.groupe-rocher.com/Advitium/login.asp	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:57804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57806 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:57803 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:58418 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.244.127
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zXubGz9VS2Heupo&MD=Nx9PrlAm HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zXubGz9VS2Heupo&MD=Nx9PrlAm HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: productlab.groupe-rocher.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: s.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: c.go-mpulse.net
Source: global traffic	DNS traffic detected: DNS query: baxhwiiccjae2zymykra-f-88643dc9c-clientnsv4-s.akamaihd.net
Source: global traffic	DNS traffic detected: DNS query: 684dd311.akstat.io
Source: global traffic	DNS traffic detected: DNS query: baxhwiiccjae2zymyktq-f-8c5a7db05-clientnsv4-s.akamaihd.net

Source: chromecache_156.2.dr	String found in binary or memory: http://bugs.jqueryui.com/ticket/7233
Source: chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://docs.jquery.com/UI
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Accordion#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Autocomplete#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Button#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Datepicker#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Dialog#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Menu#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Progressbar#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Resizable#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Selectable#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Slider#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Tabs#theming
Source: chromecache_156.2.dr	String found in binary or memory: http://docs.jquery.com/UI/Theming/API
Source: chromecache_156.2.dr, chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_156.2.dr, chromecache_148.2.dr, chromecache_143.2.dr	String found in binary or memory: http://jqueryui.com/about)
Source: chromecache_156.2.dr	String found in binary or memory: http://jqueryui.com/themeroller/
Source: chromecache_170.2.dr, chromecache_149.2.dr	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57924
Source: unknown	Network traffic detected: HTTP traffic on port 57886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57920
Source: unknown	Network traffic detected: HTTP traffic on port 57811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57819
Source: unknown	Network traffic detected: HTTP traffic on port 57977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57818
Source: unknown	Network traffic detected: HTTP traffic on port 57851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57939
Source: unknown	Network traffic detected: HTTP traffic on port 57816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57936
Source: unknown	Network traffic detected: HTTP traffic on port 57960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57814
Source: unknown	Network traffic detected: HTTP traffic on port 57925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57935
Source: unknown	Network traffic detected: HTTP traffic on port 57868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57931
Source: unknown	Network traffic detected: HTTP traffic on port 57919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57948
Source: unknown	Network traffic detected: HTTP traffic on port 57827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57825
Source: unknown	Network traffic detected: HTTP traffic on port 57926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57820
Source: unknown	Network traffic detected: HTTP traffic on port 57903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57942
Source: unknown	Network traffic detected: HTTP traffic on port 57885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57950
Source: unknown	Network traffic detected: HTTP traffic on port 57971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57835
Source: unknown	Network traffic detected: HTTP traffic on port 57948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57953
Source: unknown	Network traffic detected: HTTP traffic on port 57835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57961
Source: unknown	Network traffic detected: HTTP traffic on port 57810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57960
Source: unknown	Network traffic detected: HTTP traffic on port 57863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 57873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57909
Source: unknown	Network traffic detected: HTTP traffic on port 57955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57908
Source: unknown	Network traffic detected: HTTP traffic on port 57978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57907
Source: unknown	Network traffic detected: HTTP traffic on port 57817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57906
Source: unknown	Network traffic detected: HTTP traffic on port 57949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57901
Source: unknown	Network traffic detected: HTTP traffic on port 57961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57902
Source: unknown	Network traffic detected: HTTP traffic on port 57922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 57895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57919
Source: unknown	Network traffic detected: HTTP traffic on port 57933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57916
Source: unknown	Network traffic detected: HTTP traffic on port 57927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57915
Source: unknown	Network traffic detected: HTTP traffic on port 57845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57917
Source: unknown	Network traffic detected: HTTP traffic on port 57983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57911
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57910
Source: unknown	Network traffic detected: HTTP traffic on port 57884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57886
Source: unknown	Network traffic detected: HTTP traffic on port 57940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57887
Source: unknown	Network traffic detected: HTTP traffic on port 57860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57895
Source: unknown	Network traffic detected: HTTP traffic on port 57883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57890
Source: unknown	Network traffic detected: HTTP traffic on port 57872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57898
Source: unknown	Network traffic detected: HTTP traffic on port 57837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 57818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57846
Source: unknown	Network traffic detected: HTTP traffic on port 57924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57843
Source: unknown	Network traffic detected: HTTP traffic on port 57901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57964
Source: unknown	Network traffic detected: HTTP traffic on port 57918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57971
Source: unknown	Network traffic detected: HTTP traffic on port 57815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57978
Source: unknown	Network traffic detected: HTTP traffic on port 57830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57859
Source: unknown	Network traffic detected: HTTP traffic on port 57864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57862
Source: unknown	Network traffic detected: HTTP traffic on port 57882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57983
Source: unknown	Network traffic detected: HTTP traffic on port 57858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57861
Source: unknown	Network traffic detected: HTTP traffic on port 57942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57982
Source: unknown	Network traffic detected: HTTP traffic on port 57970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57987
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57986
Source: unknown	Network traffic detected: HTTP traffic on port 57859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57873
Source: unknown	Network traffic detected: HTTP traffic on port 57941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57872
Source: unknown	Network traffic detected: HTTP traffic on port 57881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57878
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57874
Source: unknown	Network traffic detected: HTTP traffic on port 57887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57876
Source: unknown	Network traffic detected: HTTP traffic on port 57902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57882
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57883
Source: unknown	Network traffic detected: HTTP traffic on port 57814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57880
Source: unknown	Network traffic detected: HTTP traffic on port 57913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57898 -> 443

Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.19.244.127:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:57804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:57806 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@21/74@20/3

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2024,i,18257968916526087547,7377922921570812397,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://productlab.groupe-rocher.com/Advitium/login.asp"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=2024,i,18257968916526087547,7377922921570812397,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1532986
Product:	CloudBasic
Start time:	09:04:01
Start date:	14.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://productlab.groupe-rocher.com/Advitium/login.asp

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://productlab.groupe-rocher.com/Advitium/login.asp

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://productlab.groupe-rocher.com/Advitium/login.asp