Windows Analysis Report
https://forms.office.com/pages/responsepage.aspx

Overview

General Information

Sample URL: https://forms.office.com/pages/responsepage.aspx
Analysis ID: 1541112
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Detected non-DNS traffic on DNS port

Classification

Source: https://forms.office.com/pages/responsepage.aspx HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:51555 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:51556 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:51557 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:51558 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:51594 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.4:51553 -> 162.159.36.2:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=NgOokCL3trhT+ob&MD=X3x5lUHR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /sls/ping HTTP/1.1Connection: Keep-AliveUser-Agent: DNS resiliency checker/1.0Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=NgOokCL3trhT+ob&MD=X3x5lUHR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=NgOokCL3trhT+ob&MD=X3x5lUHR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: forms.office.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: 241.42.69.40.in-addr.arpa
Source: chromecache_42.2.dr String found in binary or memory: https://cdn.forms.office.net/forms/css/dist/not-found-page.min.ca451f1.css
Source: chromecache_42.2.dr String found in binary or memory: https://cdn.forms.office.net/forms/images/favicon.ico
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51700
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 51639 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51640 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51686 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 51663 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51577 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51611 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51657 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51692 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51622 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51668 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51572 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51603
Source: unknown Network traffic detected: HTTP traffic on port 51679 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51604
Source: unknown Network traffic detected: HTTP traffic on port 51656 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51681 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51601
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51602
Source: unknown Network traffic detected: HTTP traffic on port 51599 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51607
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51608
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51605
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51606
Source: unknown Network traffic detected: HTTP traffic on port 51566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51698 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51600
Source: unknown Network traffic detected: HTTP traffic on port 51617 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51623 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51609
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51614
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51615
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51612
Source: unknown Network traffic detected: HTTP traffic on port 51594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51613
Source: unknown Network traffic detected: HTTP traffic on port 51628 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51618
Source: unknown Network traffic detected: HTTP traffic on port 51634 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51619
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51616
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51617
Source: unknown Network traffic detected: HTTP traffic on port 51651 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51610
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51611
Source: unknown Network traffic detected: HTTP traffic on port 51693 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51560 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51645 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51687 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51584
Source: unknown Network traffic detected: HTTP traffic on port 51650 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51585
Source: unknown Network traffic detected: HTTP traffic on port 51673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51582
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51583
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51588
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51589
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51586
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51587
Source: unknown Network traffic detected: HTTP traffic on port 51667 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51644 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51591
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51592
Source: unknown Network traffic detected: HTTP traffic on port 51615 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51621 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51590
Source: unknown Network traffic detected: HTTP traffic on port 51590 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51682 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51596 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51632 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51609 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51595
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51596
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51593
Source: unknown Network traffic detected: HTTP traffic on port 51699 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51594
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51599
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51597
Source: unknown Network traffic detected: HTTP traffic on port 51678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51598
Source: unknown Network traffic detected: HTTP traffic on port 51561 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51626 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51633 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51595 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51610 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51604 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51589 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51694 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51627 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51661 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51688 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51655 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51573 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51638 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51584 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51578 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51649 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51683 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51666 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51631 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51669
Source: unknown Network traffic detected: HTTP traffic on port 51597 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51654 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51667
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51668
Source: unknown Network traffic detected: HTTP traffic on port 51602 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51661
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51662
Source: unknown Network traffic detected: HTTP traffic on port 51568 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51660
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51665
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51666
Source: unknown Network traffic detected: HTTP traffic on port 51580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51663
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51664
Source: unknown Network traffic detected: HTTP traffic on port 51677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51619 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51625 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51648 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51559
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51557
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51678
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51558
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51679
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51672
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51673
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51670
Source: unknown Network traffic detected: HTTP traffic on port 51636 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51671
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51555
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51676
Source: unknown Network traffic detected: HTTP traffic on port 51695 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51677
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51674
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51675
Source: unknown Network traffic detected: HTTP traffic on port 51643 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51680
Source: unknown Network traffic detected: HTTP traffic on port 51660 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51689 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51700 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51568
Source: unknown Network traffic detected: HTTP traffic on port 51608 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51689
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51569
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51562
Source: unknown Network traffic detected: HTTP traffic on port 51637 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51683
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51684
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51560
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51681
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51561
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51682
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51566
Source: unknown Network traffic detected: HTTP traffic on port 51671 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51687
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51688
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51564
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51685
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51565
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51686
Source: unknown Network traffic detected: HTTP traffic on port 51642 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51585 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51690
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51570
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51691
Source: unknown Network traffic detected: HTTP traffic on port 51579 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51665 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51684 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51579
Source: unknown Network traffic detected: HTTP traffic on port 51603 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51573
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51694
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51695
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51571
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51692
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51572
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51693
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51577
Source: unknown Network traffic detected: HTTP traffic on port 51563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51698
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51578
Source: unknown Network traffic detected: HTTP traffic on port 51690 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51699
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51575
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51696
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51576
Source: unknown Network traffic detected: HTTP traffic on port 51659 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51697
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51580
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51581
Source: unknown Network traffic detected: HTTP traffic on port 51614 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51620 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51591 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51557 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51625
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51626
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51623
Source: unknown Network traffic detected: HTTP traffic on port 51629 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51624
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51629
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51627
Source: unknown Network traffic detected: HTTP traffic on port 51612 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51628
Source: unknown Network traffic detected: HTTP traffic on port 51635 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51621
Source: unknown Network traffic detected: HTTP traffic on port 51658 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51564 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51622
Source: unknown Network traffic detected: HTTP traffic on port 51696 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51620
Source: unknown Network traffic detected: HTTP traffic on port 51558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51670 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51587 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51636
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51637
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51634
Source: unknown Network traffic detected: HTTP traffic on port 51569 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51635
Source: unknown Network traffic detected: HTTP traffic on port 51653 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51638
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51639
Source: unknown Network traffic detected: HTTP traffic on port 51601 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51632
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51633
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51630
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51631
Source: unknown Network traffic detected: HTTP traffic on port 51576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51593 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51647 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51664 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51685 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51647
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51648
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51645
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51646
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51649
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51640
Source: unknown Network traffic detected: HTTP traffic on port 51652 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51643
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51644
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51641
Source: unknown Network traffic detected: HTTP traffic on port 51675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51691 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51642
Source: unknown Network traffic detected: HTTP traffic on port 51592 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51646 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51669 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51658
Source: unknown Network traffic detected: HTTP traffic on port 51680 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51659
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51656
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51657
Source: unknown Network traffic detected: HTTP traffic on port 51598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51630 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51613 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51650
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51651
Source: unknown Network traffic detected: HTTP traffic on port 51697 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51654
Source: unknown Network traffic detected: HTTP traffic on port 51581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51655
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51652
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51653
Source: unknown Network traffic detected: HTTP traffic on port 51618 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51641 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51624 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51570 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:51555 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:51556 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:51557 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:51558 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.4:51594 version: TLS 1.2
Source: classification engine Classification label: clean0.win@16/4@6/4
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 --field-trial-handle=2428,i,11022075874199830910,17827284955539443085,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/pages/responsepage.aspx"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 --field-trial-handle=2428,i,11022075874199830910,17827284955539443085,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1541112 URL: https://forms.office.com/pa... Startdate: 24/10/2024 Architecture: WINDOWS Score: 0 14 www.google.com 2->14 16 shed.dual-low.s-part-0032.t-0009.t-msedge.net 2->16 18 2 other IPs or domains 2->18 6 chrome.exe 1 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 20 192.168.2.4, 138, 443, 49383 unknown unknown 6->20 22 239.255.255.250 unknown Reserved 6->22 11 chrome.exe 6->11         started        process5 dnsIp6 24 142.250.185.196, 443, 51605 GOOGLEUS United States 11->24 26 www.google.com 142.250.186.100, 443, 49739 GOOGLEUS United States 11->26 28 forms.office.com 11->28
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
239.255.255.250
 unknown Reserved
unknown unknown false
142.250.185.196
 unknown United States
15169 GOOGLEUS false
142.250.186.100
 www.google.com United States
15169 GOOGLEUS false

Private

IP
192.168.2.4

Contacted Domains

Name IP Active
www.google.com 142.250.186.100 true
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com 217.20.57.34 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true
s-part-0032.t-0009.t-msedge.net 13.107.246.60 true
forms.office.com unknown unknown
241.42.69.40.in-addr.arpa unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://forms.office.com/pages/responsepage.aspx false
    		unknown