Windows Analysis Report
https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724

Overview

General Information

Sample URL: https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724
Analysis ID: 1540585
Infos:

Detection

Phisher
Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

AI detected phishing page
Yara detected Phisher
Detected non-DNS traffic on DNS port
HTML body contains low number of good links

Classification

Phishing

barindex
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= LLM: Score: 7 Reasons: The brand 'Vensure Employer Services' is a known brand in the HR and payroll services industry., The URL 'vmcsolvo.prismhrperformance.com' does not match the expected domain for Vensure, which is 'vensure.com'., The domain 'prismhrperformance.com' suggests a possible association with PrismHR, a known HR software provider, which could be legitimate if Vensure uses their services., The subdomain 'vmcsolvo' is unusual and not directly associated with Vensure, raising suspicion., The presence of input fields for 'Username' and 'Password' is typical for login pages, which are common targets for phishing., The URL structure with multiple segments and a non-matching primary domain increases the risk of phishing. DOM: 1.0.pages.csv
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= LLM: Score: 7 Reasons: The brand 'Vensure Employer Services' is known and associated with the domain 'vensure.com'., The URL 'vmcsolvo.prismhrperformance.com' does not match the legitimate domain 'vensure.com'., The domain 'prismhrperformance.com' could be a legitimate service provider, but it is not directly associated with 'Vensure Employer Services'., The presence of a subdomain 'vmcsolvo' and the use of a different primary domain 'prismhrperformance.com' raises suspicion., The URL structure suggests a potential third-party service provider, which is common in phishing attempts to mimic legitimate services. DOM: 1.2.pages.csv
Source: Yara match File source: dropped/chromecache_120, type: DROPPED
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: Number of links: 0
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: <input type="password" .../> found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No favicon
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No favicon
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No favicon
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="author".. found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="author".. found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="author".. found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="copyright".. found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="copyright".. found
Source: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49426 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.67:443 -> 192.168.2.4:49427 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.4:49424 -> 1.1.1.1:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: global traffic HTTP traffic detected: GET /Login.aspx?AppraisalId=6724 HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /assets/css/ColorScheme.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /img/SuiteLogo.png?v=20240919030343 HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /css/layout.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /css/type.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /css/main.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /css/base-admin.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /img/SuiteLogo.png?v2enc=/onzEoIMTPiT7UNpYvRc3BFsIyfFoWumkgGfP3P1ZUM= HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /assets/css/core.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /css/login.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /content/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /content/Vendor/lobibox/css/lobibox.min.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /Content/Vendor/fontawesome-pro-5.15.4-web/css/fontawesome.min.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /Content/Vendor/fontawesome-pro-5.15.4-web/css/solid.min.css HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /bundles/core/login?v=x6FMZ575i8TJSGMEwUq8WghBRKfP2BRKOVHU4y1B_hQ1 HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /img/SuiteLogo.png?v2enc=/onzEoIMTPiT7UNpYvRc3BFsIyfFoWumkgGfP3P1ZUM= HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /Content/Vendor/fontawesome-pro-5.15.4-web/webfonts/fa-solid-900.woff2 HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vmcsolvo.prismhrperformance.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vmcsolvo.prismhrperformance.com/Content/Vendor/fontawesome-pro-5.15.4-web/css/solid.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /public/api/login/getlogindetails?clientId=7e335664-6102-4ca1-9f6b-83465002445e HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, */*; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /bundles/core/login?v=x6FMZ575i8TJSGMEwUq8WghBRKfP2BRKOVHU4y1B_hQ1 HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /public/api/login/getlogindetails?clientId=7e335664-6102-4ca1-9f6b-83465002445e HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yNGAvctRKazDlPu&MD=NYCnRbaR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinityCORS=4fce253f8142caa7d3d727c949a82b90; ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=yNGAvctRKazDlPu&MD=NYCnRbaR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /login.aspx?v2enc=+o84NRuEMU7Cys9ezh0i30ar68y2STBEj+TE0Vxlk3Q= HTTP/1.1Host: vmcsolvo.prismhrperformance.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ApplicationGatewayAffinity=4fce253f8142caa7d3d727c949a82b90
Source: global traffic DNS traffic detected: DNS query: vmcsolvo.prismhrperformance.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: chromecache_120.2.dr String found in binary or memory: http://vmcsolvo.prismhrperformance.com/login.aspx?v2enc=
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10UxCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10VxCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10WxCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10XxCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10axCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10bxCF8jA.woff2)
Source: chromecache_121.2.dr String found in binary or memory: https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10dxCF8jA.woff2)
Source: chromecache_125.2.dr String found in binary or memory: https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2)
Source: chromecache_125.2.dr String found in binary or memory: https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bnEr.woff2
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_118.2.dr String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_119.2.dr String found in binary or memory: https://vmcsolvo.prismhrperformance.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49502
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49501
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49500
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 49519 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49525 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49468 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49554 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49445 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49474 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49497 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49457 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49480 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49428 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49463 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49520 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49513 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49542 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49456 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49462 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49561 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49485 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49491 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49434 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49440 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49547 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49553 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49479 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49496 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49546
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49545
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49544
Source: unknown Network traffic detected: HTTP traffic on port 49515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49543
Source: unknown Network traffic detected: HTTP traffic on port 49538 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49542
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49541
Source: unknown Network traffic detected: HTTP traffic on port 49544 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49540
Source: unknown Network traffic detected: HTTP traffic on port 49509 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49521 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49438 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49550 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49539
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49538
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49478 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49537
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49536
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49535
Source: unknown Network traffic detected: HTTP traffic on port 49484 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49534
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49533
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49531
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49530
Source: unknown Network traffic detected: HTTP traffic on port 49432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49467 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49449 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49473 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49490 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49529
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49528
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49527
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49526
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49525
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49524
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49523
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49522
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49521
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49520
Source: unknown Network traffic detected: HTTP traffic on port 49433 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49427 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49466 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49489 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49495 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49472 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49519
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49518
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49517
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49516
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 49510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49515
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49514
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49513
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49512
Source: unknown Network traffic detected: HTTP traffic on port 49543 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49511
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49510
Source: unknown Network traffic detected: HTTP traffic on port 49455 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 49461 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49560 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49504 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49450 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49444 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49509
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49508
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49507
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49506
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49505
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49504
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49503
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49469
Source: unknown Network traffic detected: HTTP traffic on port 49483 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49460 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49468
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49467
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49466
Source: unknown Network traffic detected: HTTP traffic on port 49540 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49431 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49465
Source: unknown Network traffic detected: HTTP traffic on port 49563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49464
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49463
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49462
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49461
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49460
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49505 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49528 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49459
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49458
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49457
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49456
Source: unknown Network traffic detected: HTTP traffic on port 49516 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49455
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49454
Source: unknown Network traffic detected: HTTP traffic on port 49545 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49436 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49453
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49451
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49450
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49488 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49551 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49442 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49477 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49449
Source: unknown Network traffic detected: HTTP traffic on port 49494 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49448
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49569
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49447
Source: unknown Network traffic detected: HTTP traffic on port 49517 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49568
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49446
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49445
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49566
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49444
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49565
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49443
Source: unknown Network traffic detected: HTTP traffic on port 49437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49564
Source: unknown Network traffic detected: HTTP traffic on port 49569 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49442
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49441
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49562
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49440
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49561
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49560
Source: unknown Network traffic detected: HTTP traffic on port 49500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49443 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49439
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49438
Source: unknown Network traffic detected: HTTP traffic on port 49499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49559
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49437
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49558
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49436
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49557
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49435
Source: unknown Network traffic detected: HTTP traffic on port 49459 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49434
Source: unknown Network traffic detected: HTTP traffic on port 49482 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49555
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49433
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49554
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49432
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49553
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49431
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49552
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49430
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49551
Source: unknown Network traffic detected: HTTP traffic on port 49539 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49550
Source: unknown Network traffic detected: HTTP traffic on port 49564 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49465 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49471 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49448 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49511 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49454 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49429
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49428
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49549
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49427
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49548
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49426
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49547
Source: unknown Network traffic detected: HTTP traffic on port 49458 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49435 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49429 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49487 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49470 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49441 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49512 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49493 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49541 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49499
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49498
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49497
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49496
Source: unknown Network traffic detected: HTTP traffic on port 49562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49495
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49494
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49493
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49492
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49491
Source: unknown Network traffic detected: HTTP traffic on port 49524 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49490
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49446 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49530 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49506 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49489
Source: unknown Network traffic detected: HTTP traffic on port 49481 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49488
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49487
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49486
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49485
Source: unknown Network traffic detected: HTTP traffic on port 49546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49484
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49483
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49482
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49481
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49480
Source: unknown Network traffic detected: HTTP traffic on port 49523 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49447 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49507 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49552 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49453 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49479
Source: unknown Network traffic detected: HTTP traffic on port 49518 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49478
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49477
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49476
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49475
Source: unknown Network traffic detected: HTTP traffic on port 49568 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49430 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49474
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49473
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49472
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49471
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49470
Source: unknown Network traffic detected: HTTP traffic on port 49486 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49469 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49529 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49557 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49475 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49492 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49426 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.67:443 -> 192.168.2.4:49427 version: TLS 1.2
Source: classification engine Classification label: mal56.phis.win@22/26@8/4
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2016,i,16681763079191028622,7082791678549408137,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vmcsolvo.prismhrperformance.com/Login.aspx?AppraisalId=6724"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=2016,i,16681763079191028622,7082791678549408137,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs