Windows Analysis Report
https://onedrive.live.com/redir?resid=A2C259BD24DEB977%211517&authkey=%21AMV6sdjMIZf95vs&page=View&wd=target%28Quick%20Notes.one%7C8266a05f-045a-4cc0-bddc-4debc90069bb%2FNotera%20H6TYD9J4rDFDFECZC-HUYW%7Ca949d04d-b4e2-4509-b99f-d04546199b7b%2F%29&wdorigin=NavigationUrl

Overview

General Information

Sample URL: https://onedrive.live.com/redir?resid=A2C259BD24DEB977%211517&authkey=%21AMV6sdjMIZf95vs&page=View&wd=target%28Quick%20Notes.one%7C8266a05f-045a-4cc0-bddc-4debc90069bb%2FNotera%20H6TYD9J4rDFDFECZC-HUY
Analysis ID: 1541923
Infos:

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected non-DNS traffic on DNS port
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

AV Detection

Source: https://onedrive.live.com/redir?resid=A2C259BD24DEB977%211517&authkey=%21AMV6sdjMIZf95vs&page=View&wd=target%28Quick%20Notes.one%7C8266a05f-045a-4cc0-bddc-4debc90069bb%2FNotera%20H6TYD9J4rDFDFECZC-HUYW%7Ca949d04d-b4e2-4509-b99f-d04546199b7b%2F%29&wdorigin=NavigationUrl | SlashNext: detection: malicious, Label: Credential Stealing, type: Phishing & Social Engineering
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49740 version: TLS 1.0
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:49728 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:53536 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:53568 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:53569 version: TLS 1.2
Source: Binary string: B.interval),this.pDb=!0,this.khe=new Date,so.show(Yc.a.eci),Jk.tSe()))}eo(B,X,sa){Array.add(this.bR,new Bv.a(!0,B,X,sa));zc.App.hv.MS()}forceOutbound(){}bYa(){return 4!==this._state}QJa(){1===this._state?this.$0a():this.ic&&2===this.ic.status&&(this.BZ(),this.gO.execute(B=>{B.wbb();B.uja();B.DUa()}))}get buf(){return!0}$0a(){var B=this.Jb.fileId?In.a.fmd(this.Jb.ei,"",this.Jb.km):In.a.fmd(wb.AFrameworkApplication.uo,zc.App.vgb,null),X=wb.AFrameworkApplication.J;B.ForceTransform=Ce.WoncaApp.xpc;B.IsNewFile= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: "RetryOnFailure";break;case 0:wb.AFrameworkApplication.oja.RetryReason="None";break;case 4:wb.AFrameworkApplication.oja.RetryReason="RedirectedClusterOnServer"}}gBf(){wb.AFrameworkApplication.oja.RetryStartTime=0<this.Acc?this.nCe.getTime():0;wb.AFrameworkApplication.oja.RetryCountWhileParsing=this.Acc;this.ufi(this.d9a);this.a_i()}a_i(){this.Acc=this.d9a=0}fv(B){this._state=4;B||this.pDb||Jk.tSe()}Mc(B,X,sa,La,eb,lb,Nb,fc=!1){wb.AFrameworkApplication.oja.BootFailed=!0;var mc={};mc.ErrorCode=B;mc.Message= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: !1;let va=0;ca.FW&&(pa=ca.ZA.Cla(V));this.UVf(V,xa,!1);var ra=V.cpBegin;V=V.node;this.ajj(la.a.Fe(V,ra+1));xa=V.pdb(ra);Ka=Ka(xa);xa.blob=Ka;if(ca.YHd&&6===xa.blob.zj){if(0<ra){const wa=V.Ba;va=wa.uXa(ra);0<=va-1&&(ra=wa.K(va-1),xa.$a=new ua.a(xa,ra.$a?ra.$a.fi:u.a.nil),!ca.FW&&ra.hyperlink&&this.Qe.cG(xa.$a))}ca.FW&&(pa?xa.Yk&&(xa.Yk=!1,V.Ba.K(va+1).Yk=!0):xa.$a&&xa.$a.cache.Xr&&this.Qe.cG(xa.$a))}if(D.a.instance.K(57))for(V.lq(),pa=Ka.v8,xa.$a&&pa--,V.wordRunProperties.JYa(Math.max(0,Ka.ef-1),2, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: this.ow.YD&&(ae.a.instance.K(58)&&this.yQ!==B.Cells.length-1&&(La.yb.enabled=0),this.j$f(La),this.ow=null,this.yQ++);sa=Jk.v9f(X.getTime());1>sa&&(sa=1);if(this.ow||Jk.Xfa(sa)){this.gX+=sa;B=wb.AFrameworkApplication.J.vb("MaxBootDeserializationTimeInMs",0);if(0<B&&this.gX>B)return this.Mc(Yc.a.pzf,CommonUiStrings.CannotOpenFile,!1,!0,!1,null,null),this.Aw.dispose(),!1;this.setActive();return!1}}return!0}pFi(){if(this.pDb)this.KAf();else if(2!==this.ic.statusCode||Yo.a.Fva(this.ic.Qm))this.hhh();else{var B= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: sa,La,eb,lb,Nb,fc=null,mc=null,$c=0){super();this.nCe=this.khe=this.aF=this.vi=this.rx=this.nX=this.qh=this.Aw=null;this.gX=this.yQ=0;this.ow=null;this.bR=[];this.Jpe=null;this.d9a=this.Acc=0;this.pDb=this.Fpe=!1;this.pBa=null;this.lia=0;this.va=new hh.a;this.vS=null;this.Jb=B;this.aha=X;this.Ia=sa;this.gO=La;this.Ir=eb;this.S5b=fc;this.cac=Nb;zc.App.hv.register(this);this.bob=!0;this.iU="GraphSpaceRootReplicator";lb&&""!==lb&&(this.iU+="_"+lb);0<$c&&(mc||(mc=zf.TaskManager.instance),mc.Fb(new Zc.a(3, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: 1,1E3*$c,vd=>{this.uDg(vd)},132)))}get IBd(){return this.Jpe||(this.Jpe=ib.a.instance.resolve("Wonca.IGraphSpaceRootReplicatorErrorHandler"))}dIg(B){this.va.addHandler(Jk.nwd,B)}get O1(){return 4===this._state?super.O1:1}get eK(){return this.iU}uDg(B){4===this._state||this.pDb||(this.qh?vb.ULS.sendTraceTag(41821144,338,15,"GetCells still processing response when abort call came after {0} ms. Not aborting.",B.interval):(vb.ULS.sendTraceTag(41821145,338,15,"GetCells aborting boot after it did not complete in {0} ms.", source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: X);fr.a.UDb("InitializeLocalCobalt",B.InitializeLocalCobaltStartTime,B.InitializeLocalCobaltEndTime,X);this.Ir.Ac("ServerData",X)}}BZ(){wb.AFrameworkApplication.J.Z("RefactorParseServerResponseIsEnabled")?this.pFi():this.oFi()}oFi(){if(this.pDb)this.KAf();else if(2!==this.ic.statusCode||Yo.a.Fva(this.ic.Qm)){if(!(wb.AFrameworkApplication.Uf||ae.a.instance.K(58)&&zc.App.GIf)){var B={["RetryCount"]:this.lia,["StatusCode"]:this.ic.statusCode,["HttpStatus"]:this.ic.httpStatusCode.toString(),["HasResponseObjects"]:!Yo.a.Fva(this.ic.Qm)}; source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: sa,2,fc),$c.hyperlink=null,eb=mc,La=!0;else if(La&&$c.Yk){this.Ind(B,$c,sa,2,fc);$c.Yk=!1;lb=$c.cp;Nb=mc;break}La&&$c.$a&&this.Cc.cG($c.$a)}sa=ad.ParagraphReader.text(B).substring(X.oc.cp,lb);this.fc.replaceTextRange(bi.a.createTextRange(B,X.oc.cp,lb),sa,!0,!1);for(X=eb;X<=Nb;)eb=B.Ba.K(X++),lb=B.pdb(eb.cp+sa.length),eb.$a&&(lb.$a=eb.$a.ld(lb));B.lq()}flc(B,X,sa){sa.wordRunProperties.Euc(X?B-1:B,2);ae.a.instance.K(57)&&(sa.wordRunProperties.EP.W(B,Nk.CharacterPropertiesEditor.u8),sa.wordRunProperties.yZ.W(B, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: this.i3f(ha);da.a.Keb().then(ia=>{ia.update(ha);return null})}i3f(ha){const {AFrameworkApplication:ia}=d(40343);this.nVc=ha;if(ia.fa){ia.Hmc();ia.fa.lJ(!1);const Y={};Y.activeDivZIndex=ia.fa.dY;ha.dialogHostProperties=Y}ha.dialogButtonsOption=void 0!==ha.dialogButtonsOption&&null!==ha.dialogButtonsOption?ha.dialogButtonsOption:this.lc;ha=this.PDb(1,ha);ha=this.PDb(2,ha);ha=this.PDb(3,ha);ha=this.PDb(4,ha);ha=this.PDb(0,ha);ha.defaultExecutionButton=ha.defaultExecutionButton||this.c6a;ha.hideCloseButton= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: Ga):Va.end<hb.end?Ga++:r++}return R}mJe(r,R){let ja=!1;for(const Ga of R){R=Ga.errorDetails;ja=1===R.proofingType||ja;let Va=r.pdb(Ga.begin);Va.Sm=new Jd(Va,R);Va.isFromErrorRangeSplit=!0;Va=r.pdb(Ga.end);Va.UJ=!0;Va.isFromErrorRangeSplit=!0}ja&&(r.SPb=!1)}uUf(r,R){if(!Lf.a.fh(R)){r=r.Ba;for(const ja of R){R=r.Cz(ja.begin);const Ga=r.Cz(ja.end);R&&R.Sm&&Ga&&Ga.UJ?(R.Sm=null,Ga.UJ=!1):(R=String.format("Could not find and remove ErrorRange from CHPs. Cp Begin: {0}, Cp End: {1}",ja.begin,ja.end),la.ULS.sendTraceTag(37532355, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: global traffic TCP traffic: 192.168.2.5:53390 -> 1.1.1.1:53
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49740 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected:
    GET /redir?resid=A2C259BD24DEB977%211517&authkey=%21AMV6sdjMIZf95vs&page=View&wd=target%28Quick%20Notes.one%7C8266a05f-045a-4cc0-bddc-4debc90069bb%2FNotera%20H6TYD9J4rDFDFECZC-HUYW%7Ca949d04d-b4e2-4509-b99f-d04546199b7b%2F%29&wdorigin=NavigationUrl HTTP/1.1
    Host: onedrive.live.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /view?id=A2C259BD24DEB977!1517&resid=A2C259BD24DEB977!1517&authkey=!AMV6sdjMIZf95vs&wd=target(Quick%20Notes.one|8266a05f-045a-4cc0-bddc-4debc90069bb/Notera%20H6TYD9J4rDFDFECZC-HUYW|a949d04d-b4e2-4509-b99f-d04546199b7b/)&wdorigin=NavigationUrl&wdo=2&cid=a2c259bd24deb977 HTTP/1.1
    Host: onedrive.live.com
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    Cookie: E=P:n6FtOs703Ig=:tX98Ha3Sg5aXwm0pEwZfe2mSMOl29Tq57MD4NgV4tbo=:F; xid=41096100-8b25-4477-a99f-3d75db735c7f&&ODSP-ODWEB-ODCF&345; xidseq=1
Source: global traffic HTTP traffic detected:
    GET /fs/windows/config.json HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
    Range: bytes=0-2147483646
    User-Agent: Microsoft BITS/7.8
    Host: fs.microsoft.com
Source: global traffic HTTP traffic detected:
    GET /wise-m/owl/5mttl/production/100/manifest.js HTTP/1.1
    Host: wise-m.public.cdn.office.net
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=b8OvWspZ3u69mPy&MD=k5onZEPa HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
    Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected:
    GET /rules/other-Win32-v19.bundle HTTP/1.1
    Connection: Keep-Alive
    Accept-Encoding: gzip
    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
    Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected:
    GET /o/RemoteUls.ashx?build=16.0.18214.41004&waccluster=PUS6&usid=f019285c-7b15-42cb-9553-81e5180782a0 HTTP/1.1
    Host: usc-onenote.officeapps.live.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    Cookie: xid=41096100-8b25-4477-a99f-3d75db735c7f&&ODSP-ODWEB-ODCF&345; E=P:Z32JOs703Ig=:ewBTIxDnzzRQBNKe4b5DGN0iuAdLcN3lzztHF37n8y0=:F; xidseq=2; wla42=
Source: global traffic HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
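Source: global traffic HTTP traffic detected: GET /suite/RemoteTelemetry.ashx?usid=f019285c-7b15-42cb-9553-81e5180782a0 HTTP/1.1
  Host: common.online.office.com
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  Accept: */*
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: cors
  Sec-Fetch-Dest: empty
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
Note: in this stretch of the listing, only this request and the two /o/AppSettingsHandler.ashx requests carry a Chrome user agent. The /rules/*.xml requests to otelrules.azureedge.net carry a Microsoft Office user agent, and the slscr.update.microsoft.com request a Windows-Update-Agent one. That pattern suggests they are background activity of the analysis machine rather than behaviour of the submitted URL; confirm against the report's per-process network mapping before treating any of these hosts as indicators.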
Source: global traffic HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /o/AppSettingsHandler.ashx?app=OneNote&usid=f019285c-7b15-42cb-9553-81e5180782a0&build= HTTP/1.1
  Host: onenote.officeapps.live.com
  Connection: keep-alive
  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Windows"
  Accept: */*
  Origin: https://onedrive.live.com
  Sec-Fetch-Site: same-site
  Sec-Fetch-Mode: cors
  Sec-Fetch-Dest: empty
  Referer: https://onedrive.live.com/
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /o/AppSettingsHandler.ashx?app=OneNote&usid=f019285c-7b15-42cb-9553-81e5180782a0&build= HTTP/1.1
  Host: onenote.officeapps.live.com
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  Accept: */*
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: cors
  Sec-Fetch-Dest: empty
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
  Cookie: xid=41096100-8b25-4477-a99f-3d75db735c7f&&ODSP-ODWEB-ODCF&345; E=P:Z32JOs703Ig=:ewBTIxDnzzRQBNKe4b5DGN0iuAdLcN3lzztHF37n8y0=:F; xidseq=2; wla42=
Source: global traffic HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=b8OvWspZ3u69mPy&MD=k5onZEPa HTTP/1.1
  Connection: Keep-Alive
  Accept: */*
  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
  Host: slscr.update.microsoft.com
Source: global traffic HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: onedrive.live.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: common.online.office.com
Source: global traffic DNS traffic detected: DNS query: onenoteonline.nel.measure.office.net
Source: unknown HTTP traffic detected: POST /suite/RemoteUls.ashx?usid=f019285c-7b15-42cb-9553-81e5180782a0&officeserverversion= HTTP/1.1 Host: common.online.office.com Connection: keep-alive Content-Length: 707 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 Accept: */* Origin: https://onedrive.live.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://onedrive.live.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: chromecache_165.2.dr String found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://1drv.ms
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://attributes.engagement.office-int.com
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://attributes.engagement.office.com
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://attributes.engagement.officeppe.com
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.dev.fluidpreview.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.dev.fluidpreview.office.net/fluid/dev
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.dev.fluidpreview.office.net/fluid/stg
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.fluidpreview.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.fluidpreview.office.net/fluid/df
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.fluidpreview.office.net/fluid/gcc
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://cdn.fluidpreview.office.net/fluid/prod
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://contentstorage.osi.office.net/images/2f4febe2cca96f7f.gif
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://contentstorage.osi.office.net/images/eb14b3fe6a1e1671.png
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://ecs.office.com
Source: chromecache_165.2.dr String found in binary or memory: https://fa000000096.resources.office.net
Source: chromecache_165.2.dr String found in binary or memory: https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2210.23001/en-us_w
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://fa000000096.resources.office.net/f7024bdc-7caf-4ca8-807d-2908f09640d6/1.0.2401.26003/en-us_w
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://feross.org
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://feross.org/opensource
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: chromecache_156.2.dr, chromecache_165.2.dr, chromecache_176.2.dr, chromecache_173.2.dr String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: chromecache_173.2.dr String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res-dod.cdn.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res-dod.cdn.office.net/fluid/dod
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res-gcch.cdn.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res-gcch.cdn.office.net/fluid/gcch
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res-sdf.cdn.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://res.cdn.office.net
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.edog.officeapps.live.com/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.officeapps.live.com/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.officeapps.partner.office365.cn/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.osi.apps.mil/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.osi.office.de/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://roaming.osi.office365.us/rs/v1/settings
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://support.office.com/article/7afcb4f3-4aa2-443a-9b08-125a5d692576
Source: chromecache_155.2.dr, chromecache_184.2.dr String found in binary or memory: https://usc-onenote.officeapps.live.com/o/RemoteUls.ashx
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://whiteboard.apps.mil
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://whiteboard.eaglex.ic.gov
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://whiteboard.microsoft.scloud
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://whiteboard.office.com/root/index.fluid.js
Source: chromecache_156.2.dr, chromecache_165.2.dr String found in binary or memory: https://whiteboard.office365.us
Source: unknown Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 53420 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53443 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53466 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53569 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown Network traffic detected: HTTP traffic on port 53489 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown Network traffic detected: HTTP traffic on port 53523 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53592 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53454 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53603 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53511 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53557 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53614 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 53581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown Network traffic detected: HTTP traffic on port 53398 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53407 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53602 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53455 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53570 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53593 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53512 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown Network traffic detected: HTTP traffic on port 53397 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown Network traffic detected: HTTP traffic on port 53534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53421 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown Network traffic detected: HTTP traffic on port 53545 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown Network traffic detected: HTTP traffic on port 53488 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 53604 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 53410 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 53406 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53479 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 53433 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 53567 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 53571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53444 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 53509 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 53478 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53422 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53445 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53490 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53521 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53544 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53456 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53555 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53467 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53411 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53396 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53606
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53605
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53604
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53603
Source: unknown Network traffic detected: HTTP traffic on port 53428 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53609
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53608
Source: unknown Network traffic detected: HTTP traffic on port 53589 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53607
Source: unknown Network traffic detected: HTTP traffic on port 53463 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53440 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53602
Source: unknown Network traffic detected: HTTP traffic on port 53537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53601
Source: unknown Network traffic detected: HTTP traffic on port 53514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53600
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53614
Source: unknown Network traffic detected: HTTP traffic on port 53475 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53613
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53612
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53611
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53610
Source: unknown Network traffic detected: HTTP traffic on port 53417 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53578 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53486 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53560 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53507
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53506
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53505
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53509
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53508
Source: unknown Network traffic detected: HTTP traffic on port 53497 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53503
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53502
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53501
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53500
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53452 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53395 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53525 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53518
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53517
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53516
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53515
Source: unknown Network traffic detected: HTTP traffic on port 53590 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 53429 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 53485 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53519
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53510
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 53605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53559 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53514
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53513
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53512
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53511
Source: unknown Network traffic detected: HTTP traffic on port 53503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53474 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53409 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53591 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53453 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53418 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53579 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53393 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53441 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53465 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53547 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53568 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53430 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53535 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53487 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53431 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53408 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53513 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53419 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53442 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53524 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53449
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53444
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53565
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53564
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53442
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53563
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53441
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53562
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53448
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53569
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53447
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53568
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53446
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53567
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53445
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53566
Source: unknown Network traffic detected: HTTP traffic on port 53552 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53451
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53572
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53450
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53571
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53570
Source: unknown Network traffic detected: HTTP traffic on port 53598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53414 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53540 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53563 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53483 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53455
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53576
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53454
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53575
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53453
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53574
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53452
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53573
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53459
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53458
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53579
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53457
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53578
Source: unknown Network traffic detected: HTTP traffic on port 53402 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53456
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53577
Source: unknown Network traffic detected: HTTP traffic on port 53608 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53462
Source: unknown Network traffic detected: HTTP traffic on port 53472 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53583
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53461
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53582
Source: unknown Network traffic detected: HTTP traffic on port 53448 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53460
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53581
Source: unknown Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53580
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53505 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53539 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53587 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53466
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53587
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53465
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53586
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53464
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53585
Source: unknown Network traffic detected: HTTP traffic on port 53426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53463
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53584
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53469
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53468
Source: unknown Network traffic detected: HTTP traffic on port 53551 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53589
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53467
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53588
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53590
Source: unknown Network traffic detected: HTTP traffic on port 53494 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53473
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53594
Source: unknown Network traffic detected: HTTP traffic on port 53471 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53472
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53593
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53471
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53592
Source: unknown Network traffic detected: HTTP traffic on port 53449 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53470
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53591
Source: unknown Network traffic detected: HTTP traffic on port 53506 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53460 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53598
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53476
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53597
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53475
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53474
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53595
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53479
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53478
Source: unknown Network traffic detected: HTTP traffic on port 53517 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53599
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53480
Source: unknown Network traffic detected: HTTP traffic on port 53576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53528 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53484
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53483
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53482
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53481
Source: unknown Network traffic detected: HTTP traffic on port 53392 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53415 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53408
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53529
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53407
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53528
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53406
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53527
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53405
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53526
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53409
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53400
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53521
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53520
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53404
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53525
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53403
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53524
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53402
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53523
Source: unknown Network traffic detected: HTTP traffic on port 53401 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53401
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53522
Source: unknown Network traffic detected: HTTP traffic on port 53527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53496 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53473 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53450 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53419
Source: unknown Network traffic detected: HTTP traffic on port 53515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53418
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53539
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53417
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53538
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53416
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53537
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53411
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53410
Source: unknown Network traffic detected: HTTP traffic on port 53462 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53531
Source: unknown Network traffic detected: HTTP traffic on port 53427 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53530
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53415
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53536
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53414
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53535
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53413
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53534
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53412
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53533
Source: unknown Network traffic detected: HTTP traffic on port 53550 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53599 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53610 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53438 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53429
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53428
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53549
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53427
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53548
Source: unknown Network traffic detected: HTTP traffic on port 53484 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53422
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53543
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53421
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53542
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53420
Source: unknown Network traffic detected: HTTP traffic on port 53461 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53541
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53540
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53426
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53547
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53425
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53546
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53424
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53545
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53423
Source: unknown Network traffic detected: HTTP traffic on port 53516 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53544
Source: unknown Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53577 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53609 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53550
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53391 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53416 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53561 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53439
Source: unknown Network traffic detected: HTTP traffic on port 53538 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53438
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53559
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53433
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53554
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53432
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53553
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53431
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53552
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53430
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53551
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53437
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53558
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53436
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53557
Source: unknown Network traffic detected: HTTP traffic on port 53400 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53435
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53556
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53434
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53555
Source: unknown Network traffic detected: HTTP traffic on port 53549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53440
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53561
Source: unknown Network traffic detected: HTTP traffic on port 53495 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53560
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53434 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53566 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53457 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53595 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53572 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53405 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53492 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53423 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53519 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53469 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53543 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53480 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53554 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53468 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53611 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53584 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53412 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53565 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53435 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:49728 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.5:53536 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:53568 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:53569 version: TLS 1.2
Source: chromecache_156.2.dr, chromecache_165.2.dr Binary or memory string: new w.a(u.a.Bd());const t=".3gp .aa .aac .aax .act .aiff .amr .ape .au .awb .dct .dss .dvf .flac .gsm .iklax .ivs .m4a .m4b .m4p .mmf .mp3 .mpc .msv .ogg .oga .mogg .opus .ra .rm .raw .sln .tta .vox .wav .webm .wma .wv".split(" ");for(const J of t)G.A9b.add(J)}return G.A9b}static Z2h(t){return G.yLh().contains(t)}static T7h(t){t=x.iwh(t);return""!==document.createElement("audio").canPlayType(t)}}G.A9b=null;(0,C.a)(G,"EmbeddedFileReaderUtils",null,[])},94099:function(C,L,d){d.d(L,{a:function(){return h}});
Source: classification engine Classification label: mal48.win@22/68@14/7
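Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Analyst note: the writing process is chrome.exe and the target is its own "Chrome Apps" shortcut folder; the .lnk entries listed below all point to chrome_proxy.exe, so this looks like the browser's default shortcut setup in the sandbox rather than activity driven by the submitted URL (verify against the dropped-file list before treating it as persistence).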
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1740,i,10532031044460089774,2200716267043631904,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://onedrive.live.com/redir?resid=A2C259BD24DEB977%211517&authkey=%21AMV6sdjMIZf95vs&page=View&wd=target%28Quick%20Notes.one%7C8266a05f-045a-4cc0-bddc-4debc90069bb%2FNotera%20H6TYD9J4rDFDFECZC-HUYW%7Ca949d04d-b4e2-4509-b99f-d04546199b7b%2F%29&wdorigin=NavigationUrl"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1740,i,10532031044460089774,2200716267043631904,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Source: Binary string: B.interval),this.pDb=!0,this.khe=new Date,so.show(Yc.a.eci),Jk.tSe()))}eo(B,X,sa){Array.add(this.bR,new Bv.a(!0,B,X,sa));zc.App.hv.MS()}forceOutbound(){}bYa(){return 4!==this._state}QJa(){1===this._state?this.$0a():this.ic&&2===this.ic.status&&(this.BZ(),this.gO.execute(B=>{B.wbb();B.uja();B.DUa()}))}get buf(){return!0}$0a(){var B=this.Jb.fileId?In.a.fmd(this.Jb.ei,"",this.Jb.km):In.a.fmd(wb.AFrameworkApplication.uo,zc.App.vgb,null),X=wb.AFrameworkApplication.J;B.ForceTransform=Ce.WoncaApp.xpc;B.IsNewFile= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: "RetryOnFailure";break;case 0:wb.AFrameworkApplication.oja.RetryReason="None";break;case 4:wb.AFrameworkApplication.oja.RetryReason="RedirectedClusterOnServer"}}gBf(){wb.AFrameworkApplication.oja.RetryStartTime=0<this.Acc?this.nCe.getTime():0;wb.AFrameworkApplication.oja.RetryCountWhileParsing=this.Acc;this.ufi(this.d9a);this.a_i()}a_i(){this.Acc=this.d9a=0}fv(B){this._state=4;B||this.pDb||Jk.tSe()}Mc(B,X,sa,La,eb,lb,Nb,fc=!1){wb.AFrameworkApplication.oja.BootFailed=!0;var mc={};mc.ErrorCode=B;mc.Message= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: !1;let va=0;ca.FW&&(pa=ca.ZA.Cla(V));this.UVf(V,xa,!1);var ra=V.cpBegin;V=V.node;this.ajj(la.a.Fe(V,ra+1));xa=V.pdb(ra);Ka=Ka(xa);xa.blob=Ka;if(ca.YHd&&6===xa.blob.zj){if(0<ra){const wa=V.Ba;va=wa.uXa(ra);0<=va-1&&(ra=wa.K(va-1),xa.$a=new ua.a(xa,ra.$a?ra.$a.fi:u.a.nil),!ca.FW&&ra.hyperlink&&this.Qe.cG(xa.$a))}ca.FW&&(pa?xa.Yk&&(xa.Yk=!1,V.Ba.K(va+1).Yk=!0):xa.$a&&xa.$a.cache.Xr&&this.Qe.cG(xa.$a))}if(D.a.instance.K(57))for(V.lq(),pa=Ka.v8,xa.$a&&pa--,V.wordRunProperties.JYa(Math.max(0,Ka.ef-1),2, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: this.ow.YD&&(ae.a.instance.K(58)&&this.yQ!==B.Cells.length-1&&(La.yb.enabled=0),this.j$f(La),this.ow=null,this.yQ++);sa=Jk.v9f(X.getTime());1>sa&&(sa=1);if(this.ow||Jk.Xfa(sa)){this.gX+=sa;B=wb.AFrameworkApplication.J.vb("MaxBootDeserializationTimeInMs",0);if(0<B&&this.gX>B)return this.Mc(Yc.a.pzf,CommonUiStrings.CannotOpenFile,!1,!0,!1,null,null),this.Aw.dispose(),!1;this.setActive();return!1}}return!0}pFi(){if(this.pDb)this.KAf();else if(2!==this.ic.statusCode||Yo.a.Fva(this.ic.Qm))this.hhh();else{var B= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: sa,La,eb,lb,Nb,fc=null,mc=null,$c=0){super();this.nCe=this.khe=this.aF=this.vi=this.rx=this.nX=this.qh=this.Aw=null;this.gX=this.yQ=0;this.ow=null;this.bR=[];this.Jpe=null;this.d9a=this.Acc=0;this.pDb=this.Fpe=!1;this.pBa=null;this.lia=0;this.va=new hh.a;this.vS=null;this.Jb=B;this.aha=X;this.Ia=sa;this.gO=La;this.Ir=eb;this.S5b=fc;this.cac=Nb;zc.App.hv.register(this);this.bob=!0;this.iU="GraphSpaceRootReplicator";lb&&""!==lb&&(this.iU+="_"+lb);0<$c&&(mc||(mc=zf.TaskManager.instance),mc.Fb(new Zc.a(3, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: 1,1E3*$c,vd=>{this.uDg(vd)},132)))}get IBd(){return this.Jpe||(this.Jpe=ib.a.instance.resolve("Wonca.IGraphSpaceRootReplicatorErrorHandler"))}dIg(B){this.va.addHandler(Jk.nwd,B)}get O1(){return 4===this._state?super.O1:1}get eK(){return this.iU}uDg(B){4===this._state||this.pDb||(this.qh?vb.ULS.sendTraceTag(41821144,338,15,"GetCells still processing response when abort call came after {0} ms. Not aborting.",B.interval):(vb.ULS.sendTraceTag(41821145,338,15,"GetCells aborting boot after it did not complete in {0} ms.", source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: X);fr.a.UDb("InitializeLocalCobalt",B.InitializeLocalCobaltStartTime,B.InitializeLocalCobaltEndTime,X);this.Ir.Ac("ServerData",X)}}BZ(){wb.AFrameworkApplication.J.Z("RefactorParseServerResponseIsEnabled")?this.pFi():this.oFi()}oFi(){if(this.pDb)this.KAf();else if(2!==this.ic.statusCode||Yo.a.Fva(this.ic.Qm)){if(!(wb.AFrameworkApplication.Uf||ae.a.instance.K(58)&&zc.App.GIf)){var B={["RetryCount"]:this.lia,["StatusCode"]:this.ic.statusCode,["HttpStatus"]:this.ic.httpStatusCode.toString(),["HasResponseObjects"]:!Yo.a.Fva(this.ic.Qm)}; source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: sa,2,fc),$c.hyperlink=null,eb=mc,La=!0;else if(La&&$c.Yk){this.Ind(B,$c,sa,2,fc);$c.Yk=!1;lb=$c.cp;Nb=mc;break}La&&$c.$a&&this.Cc.cG($c.$a)}sa=ad.ParagraphReader.text(B).substring(X.oc.cp,lb);this.fc.replaceTextRange(bi.a.createTextRange(B,X.oc.cp,lb),sa,!0,!1);for(X=eb;X<=Nb;)eb=B.Ba.K(X++),lb=B.pdb(eb.cp+sa.length),eb.$a&&(lb.$a=eb.$a.ld(lb));B.lq()}flc(B,X,sa){sa.wordRunProperties.Euc(X?B-1:B,2);ae.a.instance.K(57)&&(sa.wordRunProperties.EP.W(B,Nk.CharacterPropertiesEditor.u8),sa.wordRunProperties.yZ.W(B, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: this.i3f(ha);da.a.Keb().then(ia=>{ia.update(ha);return null})}i3f(ha){const {AFrameworkApplication:ia}=d(40343);this.nVc=ha;if(ia.fa){ia.Hmc();ia.fa.lJ(!1);const Y={};Y.activeDivZIndex=ia.fa.dY;ha.dialogHostProperties=Y}ha.dialogButtonsOption=void 0!==ha.dialogButtonsOption&&null!==ha.dialogButtonsOption?ha.dialogButtonsOption:this.lc;ha=this.PDb(1,ha);ha=this.PDb(2,ha);ha=this.PDb(3,ha);ha=this.PDb(4,ha);ha=this.PDb(0,ha);ha.defaultExecutionButton=ha.defaultExecutionButton||this.c6a;ha.hideCloseButton= source: chromecache_156.2.dr, chromecache_165.2.dr
Source: Binary string: Ga):Va.end<hb.end?Ga++:r++}return R}mJe(r,R){let ja=!1;for(const Ga of R){R=Ga.errorDetails;ja=1===R.proofingType||ja;let Va=r.pdb(Ga.begin);Va.Sm=new Jd(Va,R);Va.isFromErrorRangeSplit=!0;Va=r.pdb(Ga.end);Va.UJ=!0;Va.isFromErrorRangeSplit=!0}ja&&(r.SPb=!1)}uUf(r,R){if(!Lf.a.fh(R)){r=r.Ba;for(const ja of R){R=r.Cz(ja.begin);const Ga=r.Cz(ja.end);R&&R.Sm&&Ga&&Ga.UJ?(R.Sm=null,Ga.UJ=!1):(R=String.format("Could not find and remove ErrorRange from CHPs. Cp Begin: {0}, Cp End: {1}",ja.begin,ja.end),la.ULS.sendTraceTag(37532355, source: chromecache_156.2.dr, chromecache_165.2.dr
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior