Windows Analysis Report
https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sX1Eq71YPrDUZ9AWBYuZug8WOsDS2JKCWEw0C0cY5dg-2BNoxvW-2FZfuPkdxF2FhjyUD7cYkIWu0yvkXLO5eHNYMsd8u9noDmnzi-2BBdwDajGkieVruxj8mB4Sfcl8GqcP0VCEUz

Overview

General Information

Sample URL: https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sX1Eq71YPrDUZ9AWBYuZug8WOsDS2JKCWEw0C0
Analysis ID: 1540695
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect

Classification

Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:56264 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56270 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:56271 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.4:56262 -> 1.1.1.1:53
Detected suspicious crossdomain redirect
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: email.sg.on24event.com to https://event.on24.com/eventregistration/eventcalendarservlet.ics?token=xgr%2fobv644fmm%2f7ma9zcdjnrbv9y9xlmkxpf3csposijjwa7dqjktm03%2b2wwqgrntag0ulmivdd%2bd%2fayisv%2baa%3d%3d
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: global traffic HTTP traffic detected: GET /ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sX1Eq71YPrDUZ9AWBYuZug8WOsDS2JKCWEw0C0cY5dg-2BNoxvW-2FZfuPkdxF2FhjyUD7cYkIWu0yvkXLO5eHNYMsd8u9noDmnzi-2BBdwDajGkieVruxj8mB4Sfcl8GqcP0VCEUzWa6Txm92a-2BMaySmMS2ezhFQ_fylF09WDx4VRLHs1TE6by7OSuCPsVuwyfOOTEuexYsY-2BtbYz0E6lOFn6KsXQ1L4ZTCWhuzvWjRsevsm9VNHVLEz4tOkP-2Bsk5R5Lro206tu1mSKvvaio66aKpxmfUQfxZMuOiy-2BGd0SUKSj9DdvneiuFVPTo5ui0lCAh9QIutGm-2Famqmgo7MSOz-2BCR4jPsgYnc4zA5ngpU7KhHtCa-2Bu51RctvYm39enX6XIZvjsUv9ZCNy-2Fhwp2xJIWlV6xSBCYhG-2BFASa7WWIvMHElHEDGA7JelwsGnqgKrunLsXruwTYrvvODvlATJa5cPbwgV90n3J5uCgHF-2FiAqXoOgnweMcxTw-3D-3D HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /eventRegistration/EventCalendarServlet.ics?token=xgR%2FOBV644Fmm%2F7MA9zCdJNRbv9y9XLmkXPF3CSpOSIjjwA7dQjKTm03%2B2wWqgRntag0uLMivdD%2BD%2FAYiSv%2BAA%3D%3D HTTP/1.1Host: event.on24.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zR6OdG3EB2z+Lwb&MD=zMwwMpCu HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zR6OdG3EB2z+Lwb&MD=zMwwMpCu HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: email.sg.on24event.com
Source: global traffic DNS traffic detected: DNS query: event.on24.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: http://b.c2r.ts.cdn.office.net/pr
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: http://f.c2r.ts.cdn.office.net/pr
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: http://weather.service.msn.com/data.aspx
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/app/download
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinslicensing.store.office.com/apps/remove
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinslicensing.store.office.com/commerce/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://analysis.windows.net/powerbi/api
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.aadrm.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.aadrm.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.omex.office.net/api/addins/search
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.omex.office.net/appinfo/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.omex.office.net/appstate/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.store.office.com/addinstemplate
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.store.office.com/app/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.cortana.ai
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.diagnostics.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.diagnosticssdf.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.diagnosticssdf.office.com/v2/feedback
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.diagnosticssdf.office.com/v2/file
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.microsoftstream.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.microsoftstream.com/api/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.office.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.officescripts.microsoftusercontent.com/api
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.onedrive.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.powerbi.com/v1.0/myorg/imports
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://api.scheduler.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://apis.live.net/v5.0/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://apis.mobile.m365.svc.cloud.microsoft
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://app.powerbi.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://arc.msn.com/v4/api/selection
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://augloop.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://augloop.office.com/v2
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://autodiscover-s.outlook.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://canary.designerapp.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designer-mobile
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/fonts
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-assets
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-dynamic-strings
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-home-screen
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-toolbar
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.entity.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.hubblecontent.osi.office.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cdn.int.designerapp.osi.office.net/fonts
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://client-office365-tas.msedge.net/ab
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/c2r/v1.0/DeltaAdvisory
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/user/v1.0/ios
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/user/v1.0/mac
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://config.edge.skype.com/config/v1/Office
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://config.edge.skype.com/config/v2/Office
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://consent.config.office.com/consentcheckin/v1.0/consents
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://consent.config.office.com/consentweb/v1.0/consents
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cortana.ai
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cortana.ai/api
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://cr.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://d.docs.live.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dataservice.o365filtering.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dataservice.o365filtering.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://designerapp.azurewebsites.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://designerappservice.officeapps.live.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dev.cortana.ai
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://dev0-api.acompli.net/autodetect
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://devnull.onenote.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://directory.services.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ecs.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ecs.office.com/config/v1/Designer
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ecs.office.com/config/v2/Office
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://edge.skype.com/registrar/prod
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://edge.skype.com/rps
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/v2.1601652342626
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://entitlement.diagnostics.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://entitlement.diagnosticssdf.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: a8ea8a22-6f1e-4692-ba0d-57966ee3033c.tmp.0.dr, chromecache_110.2.dr String found in binary or memory: https://event.on24.com/wcc/r/4729567/029591A001D49B24F3CB477A80EF26F5
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://fpastorage.cdn.office.net/%s
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://fpastorage.cdn.office.net/firstpartyapp/addins.xml
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://globaldisco.crm.dynamics.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://graph.ppe.windows.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://graph.ppe.windows.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://graph.windows.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://graph.windows.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/pivots/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?secureurl=1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ic3.teams.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://incidents.diagnostics.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://incidents.diagnosticssdf.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://inclient.store.office.com/gyro/client
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://inclient.store.office.com/gyro/clientstore
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://invites.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://lifecycle.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.microsoftonline.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.microsoftonline.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.microsoftonline.com/organizations
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
Source: OUTLOOK_16_0_16827_20130-20241023T1917060117-3192.etl.9.dr, B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.windows.local
Source: OUTLOOK_16_0_16827_20130-20241023T1917060117-3192.etl.9.dr String found in binary or memory: https://login.windows.localeEventR
Source: OUTLOOK_16_0_16827_20130-20241023T1917060117-3192.etl.9.dr String found in binary or memory: https://login.windows.localnull524
Source: OUTLOOK_16_0_16827_20130-20241023T1917060117-3192.etl.9.dr String found in binary or memory: https://login.windows.localnullD
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://login.windows.net/common/oauth2/authorize
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://make.powerautomate.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://management.azure.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://management.azure.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messagebroker.mobile.m365.svc.cloud.microsoft
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.action.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.action.office.com/setcampaignaction
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.action.office.com/setuseraction16
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.engagement.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.engagement.office.com/campaignmetadataaggregator
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.lifecycle.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.lifecycle.office.com/getcustommessage16
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://messaging.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://metadata.templates.cdn.office.net/client/log
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://mss.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ncus.contentsync.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ncus.pagecontentsync.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ods-diagnostics-ppe.trafficmanager.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officeapps.live.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officeci.azurewebsites.net/api/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officepyservice.office.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officepyservice.office.net/service.functionality
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://officesetup.getmicrosoftkey.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://onedrive.live.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://onedrive.live.com/embed?
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://otelrules.azureedge.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://otelrules.svc.static.microsoft
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office365.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office365.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://outlook.office365.com/connectors
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pages.store.office.com/review/query
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://powerlift-frontdesk.acompli.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://powerlift.acompli.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://pushchannel.1drv.ms
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://res.cdn.office.net
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://res.cdn.office.net/mro1cdnstorage/fonts/prod/4.40
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://res.cdn.office.net/polymer/models
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://safelinks.protection.outlook.com/api/GetPolicy
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://service.officepy.microsoftusercontent.com/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://service.powerapps.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://settings.outlook.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://shell.suite.office.com:1443
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://skyapi.live.net/Activity/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://staging.cortana.ai
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://store.office.cn/addinstemplate
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://store.office.de/addinstemplate
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://substrate.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://substrate.office.com/Notes-Internal.ReadWrite
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://substrate.office.com/search/api/v2/init
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://tasks.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://templatesmetadata.office.net/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://useraudit.o365auditrealtimeingestion.manage.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://web.microsoftstream.com/video/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://webshell.suite.office.com
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://word-edit.officeapps.live.com/we/rrdiscovery.ashx
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://wus2.contentsync.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://wus2.pagecontentsync.
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://www.odwebp.svc.ms
Source: B62BCC75-21EF-4364-A898-4671823420AA.9.dr String found in binary or memory: https://www.yammer.com
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 56274 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56279
Source: unknown Network traffic detected: HTTP traffic on port 56434 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56286
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56287
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56288
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56289
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56282
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56283
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56284
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56285
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56280
Source: unknown Network traffic detected: HTTP traffic on port 56319 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56281
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 56388 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56342 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56285 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56307 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56297
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56298
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56299
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56293
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56294
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56295
Source: unknown Network traffic detected: HTTP traffic on port 56377 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56296
Source: unknown Network traffic detected: HTTP traffic on port 56331 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56290
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56291
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56292
Source: unknown Network traffic detected: HTTP traffic on port 56423 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56400 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56343 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56286 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56320 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56433 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56399 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56376 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56445 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56422 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56365 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56456 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56411 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56297 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56354 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56421 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56306 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56284 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56356
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56357
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56358
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56359
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56363
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56364
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56365
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56366
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56360
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56361
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56362
Source: unknown Network traffic detected: HTTP traffic on port 56378 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56355 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56332 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56390 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56367 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56367
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56368
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56369
Source: unknown Network traffic detected: HTTP traffic on port 56455 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56321 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56374
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56375
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56376
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56377
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56370
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56371
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56372
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56373
Source: unknown Network traffic detected: HTTP traffic on port 56295 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56444 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56389 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56366 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56378
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56379
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56264
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56385
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56386
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56387
Source: unknown Network traffic detected: HTTP traffic on port 56410 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56388
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56381
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56382
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56383
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56384
Source: unknown Network traffic detected: HTTP traffic on port 56296 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56380
Source: unknown Network traffic detected: HTTP traffic on port 56466 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56443 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56273 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56344 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56389
Source: unknown Network traffic detected: HTTP traffic on port 56305 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56275
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56396
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56276
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56397
Source: unknown Network traffic detected: HTTP traffic on port 56432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56277
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56398
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56278
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56399
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56271
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56392
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56272
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56393
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56273
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56394
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56274
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56395
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56390
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56391
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56270
Source: unknown Network traffic detected: HTTP traffic on port 56333 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56345 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56419 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56322 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56454 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56431 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56288 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56420 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56380 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56356 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56299 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56465 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56379 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56304 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56346 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56391 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56334 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56277 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56357 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown Network traffic detected: HTTP traffic on port 56323 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56453 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56408 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56368 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56442 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56335 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56358 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56393 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56370 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56298 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56441 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56275 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56303 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56324 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56406 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56430 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56264 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56276 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56381 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56452 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56407 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56369 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56313 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56336 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56418 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56347 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56287 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56392 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56463 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56429 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56360 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56383 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56280 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56302 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56325 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56348 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56405 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56428 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56279 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56359 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56416 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56291 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56394 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56440 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56314 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56337 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56417 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56301 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56292 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56462 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56382 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56326 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56371 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56312 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56278 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56438 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56450 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56415 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56290 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56315 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56338 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56384 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56373 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56349 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56289 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56300 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56427 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56461 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56327 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56372 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56395 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56449 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56311 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56361 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56350 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56404 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56316 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56339 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56316
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56437
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56438
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56318
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56439
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56319
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56312
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56433
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56313
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56434
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56314
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56435
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56436
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56315
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56440
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56320
Source: unknown Network traffic detected: HTTP traffic on port 56374 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56397 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56441
Source: unknown Network traffic detected: HTTP traffic on port 56351 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56321
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56442
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56322
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56443
Source: unknown Network traffic detected: HTTP traffic on port 56271 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56294 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56460 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56363 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56327
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56448
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56328
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56449
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56329
Source: unknown Network traffic detected: HTTP traffic on port 56328 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56323
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56444
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56324
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56445
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56325
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56326
Source: unknown Network traffic detected: HTTP traffic on port 56437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56330
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56451
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56331
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56452
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56332
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56453
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56333
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56454
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56450
Source: unknown Network traffic detected: HTTP traffic on port 56402 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56310 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56448 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56362 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56385 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56338
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56459
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56339
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56334
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56455
Source: unknown Network traffic detected: HTTP traffic on port 56459 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56335
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56456
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56336
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56337
Source: unknown Network traffic detected: HTTP traffic on port 56436 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56458
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56341
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56462
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56342
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56463
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56343
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56464
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56344
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56465
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56460
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56340
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56461
Source: unknown Network traffic detected: HTTP traffic on port 56403 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56349
Source: unknown Network traffic detected: HTTP traffic on port 56414 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56283 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56340 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56345
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56466
Source: unknown Network traffic detected: HTTP traffic on port 56309 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56346
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56347
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56348
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56352
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56353
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56354
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56355
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56350
Source: unknown Network traffic detected: HTTP traffic on port 56396 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56351
Source: unknown Network traffic detected: HTTP traffic on port 56272 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56364 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56387 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56329 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56341 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56401 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56424 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56281 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56408
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56404
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56405
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56406
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56407
Source: unknown Network traffic detected: HTTP traffic on port 56412 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56400
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56401
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56402
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56403
Source: unknown Network traffic detected: HTTP traffic on port 56398 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56458 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56410
Source: unknown Network traffic detected: HTTP traffic on port 56270 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56318 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56352 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56419
Source: unknown Network traffic detected: HTTP traffic on port 56282 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56415
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56416
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56417
Source: unknown Network traffic detected: HTTP traffic on port 56413 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56418
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56411
Source: unknown Network traffic detected: HTTP traffic on port 56308 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56412
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56413
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56414
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56420
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56300
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56421
Source: unknown Network traffic detected: HTTP traffic on port 56353 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56330 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56309
Source: unknown Network traffic detected: HTTP traffic on port 56386 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56305
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56426
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56306
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56427
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56307
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56428
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56308
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56429
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56301
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56422
Source: unknown Network traffic detected: HTTP traffic on port 56435 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56302
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56423
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56303
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56424
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56304
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56430
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56310
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56431
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56311
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56432
Source: unknown Network traffic detected: HTTP traffic on port 56293 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56375 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:56264 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56270 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:56271 version: TLS 1.2
Source: classification engine Classification label: clean1.win@23/10@6/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\Downloads\a8ea8a22-6f1e-4692-ba0d-57966ee3033c.tmp Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE File created: C:\Users\user\AppData\Local\Temp\Outlook Logging\ Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2008,i,9555323973997562624,3952989119121392994,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sX1Eq71YPrDUZ9AWBYuZug8WOsDS2JKCWEw0C0cY5dg-2BNoxvW-2FZfuPkdxF2FhjyUD7cYkIWu0yvkXLO5eHNYMsd8u9noDmnzi-2BBdwDajGkieVruxj8mB4Sfcl8GqcP0VCEUzWa6Txm92a-2BMaySmMS2ezhFQ_fylF09WDx4VRLHs1TE6by7OSuCPsVuwyfOOTEuexYsY-2BtbYz0E6lOFn6KsXQ1L4ZTCWhuzvWjRsevsm9VNHVLEz4tOkP-2Bsk5R5Lro206tu1mSKvvaio66aKpxmfUQfxZMuOiy-2BGd0SUKSj9DdvneiuFVPTo5ui0lCAh9QIutGm-2Famqmgo7MSOz-2BCR4jPsgYnc4zA5ngpU7KhHtCa-2Bu51RctvYm39enX6XIZvjsUv9ZCNy-2Fhwp2xJIWlV6xSBCYhG-2BFASa7WWIvMHElHEDGA7JelwsGnqgKrunLsXruwTYrvvODvlATJa5cPbwgV90n3J5uCgHF-2FiAqXoOgnweMcxTw-3D-3D"
Source: unknown Process created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /ical "C:\Users\user\Downloads\EventCalendarServlet.ics"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2008,i,9555323973997562624,3952989119121392994,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE File opened: C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\ACTIVITY.CFG Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Key opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX Jump to behavior
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1540695 URL: https://email.sg.on24event.... Startdate: 24/10/2024 Architecture: WINDOWS Score: 1 5 chrome.exe 13 2->5         started        8 OUTLOOK.EXE 21 27 2->8         started        10 chrome.exe 2->10         started        dnsIp3 15 192.168.2.4, 138, 443, 49672 unknown unknown 5->15 17 239.255.255.250 unknown Reserved 5->17 12 chrome.exe 5->12         started        process4 dnsIp5 19 r-email.sg.on24event.com 199.83.44.68, 443, 49735, 49736 ON24-SACUS United States 12->19 21 r-event.on24.com 199.83.44.71, 443, 49739 ON24-SACUS United States 12->21 23 3 other IPs or domains 12->23
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
142.250.186.68
 www.google.com United States
15169 GOOGLEUS false
239.255.255.250
 unknown Reserved
unknown unknown false
199.83.44.71
 r-event.on24.com United States
18742 ON24-SACUS false
199.83.44.68
 r-email.sg.on24event.com United States
18742 ON24-SACUS false

Private

IP
192.168.2.4

Contacted Domains

Name IP Active
s-part-0017.t-0009.t-msedge.net 13.107.246.45 true
www.google.com 142.250.186.68 true
r-email.sg.on24event.com 199.83.44.68 true
r-event.on24.com 199.83.44.71 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true
event.on24.com unknown unknown
email.sg.on24event.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sX1Eq71YPrDUZ9AWBYuZug8WOsDS2JKCWEw0C0cY5dg-2BNoxvW-2FZfuPkdxF2FhjyUD7cYkIWu0yvkXLO5eHNYMsd8u9noDmnzi-2BBdwDajGkieVruxj8mB4Sfcl8GqcP0VCEUzWa6Txm92a-2BMaySmMS2ezhFQ_fylF09WDx4VRLHs1TE6by7OSuCPsVuwyfOOTEuexYsY-2BtbYz0E6lOFn6KsXQ1L4ZTCWhuzvWjRsevsm9VNHVLEz4tOkP-2Bsk5R5Lro206tu1mSKvvaio66aKpxmfUQfxZMuOiy-2BGd0SUKSj9DdvneiuFVPTo5ui0lCAh9QIutGm-2Famqmgo7MSOz-2BCR4jPsgYnc4zA5ngpU7KhHtCa-2Bu51RctvYm39enX6XIZvjsUv9ZCNy-2Fhwp2xJIWlV6xSBCYhG-2BFASa7WWIvMHElHEDGA7JelwsGnqgKrunLsXruwTYrvvODvlATJa5cPbwgV90n3J5uCgHF-2FiAqXoOgnweMcxTw-3D-3D false
    		unknown