Windows Analysis Report
securedoc_20241028T070148.html

Overview

General Information

Sample name:	securedoc_20241028T070148.html
Analysis ID:	1544570
MD5:	9e93604383164526770aee82ad13135b
SHA1:	c192c3527a34007697656f22b80e22e603eb2718
SHA256:	9f641a058fd60b589f3055e890021bc04683aa99e586372b38b16a32131166fe
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

AI detected suspicious URL

HTML file submission containing password form

Suspicious Javascript code found in HTML file

Detected hidden input values containing email addresses (often used in phishing pages)

Detected non-DNS traffic on DNS port

HTML page contains hidden javascript code

HTML title does not match URL

HTTP GET or POST without a user agent

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

None HTTPS page querying sensitive user data (password, username or email)

Classification

Signatures

Phishing

AI detected phishing page

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

LLM: Score: 10 Reasons: HTML file with login form DOM: 0.0.pages.csv

Suspicious Javascript code found in HTML file

Source: securedoc_20241028T070148.html	HTTP Parser: document.write
Source: securedoc_20241028T070148.html	HTTP Parser: location.href
Source: securedoc_20241028T070148.html	HTTP Parser: .location
Source: securedoc_20241028T070148.html	HTTP Parser: .location

Detected hidden input values containing email addresses (often used in phishing pages)

Source: securedoc_20241028T070148.html

HTTP Parser: Tompkins ClientAlerts <TIAClientAlerts@tompkinsfinancial.com>

HTML page contains hidden javascript code

Source: securedoc_20241028T070148.html

HTTP Parser: Base64 decoded: Zeppelin rules!

HTML title does not match URL

Source: securedoc_20241028T070148.html	HTTP Parser: Title: Secure Registered Envelope:Capital Blue Cross: Gag Clause Prohibition Attestation Due 12.31.2024 does not match URL
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: Title: Secure Registered Envelope:Capital Blue Cross: Gag Clause Prohibition Attestation Due 12.31.2024 does not match URL

None HTTPS page querying sensitive user data (password, username or email)

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

HTTP Parser: Has password / email / username input fields

Source: securedoc_20241028T070148.html	HTTP Parser: <input type="password" .../> found
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: <input type="password" .../> found

Source: securedoc_20241028T070148.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: No favicon
Source: https://res.cisco.com/websafe/help?topic=AddrNotShown	HTTP Parser: No favicon

Source: securedoc_20241028T070148.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: No <meta name="author".. found

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:55889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:55891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56107 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56109 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:49745 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:55888 -> 1.1.1.1:53

HTTP GET or POST without a user agent

Source: global traffic

HTTP traffic detected: GET /?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__d94e1f9600000192d2ca05ded84792bf017da47c%40esa2%2Ehc5811-91%2Eiphmx%2Ecom%27,%0D%0A%27flags%27%3A3073,%0D%0A%27rid%27%3A%27c3VzYW4gZ29yZG9uIDxzZ29yZG9uQHRvbXBraW5zZmluYW5jaWFsLmNvbT4%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D,%27keyHash%27%3A%27SHA-256%27%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27gSFVkYOu1Y3UkMOIZWQXMQ%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1730113308129%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,8415%5D,%27Body-1730113308129%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image003%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image003%2Epng%27,%0D%0A21,%5B8415,19175%5D,%27image003%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B27590,30890%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%272pw3EGj9%2FtsABMAfwh2rJUEIde0%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27tUsZ%2FH%2BJdTmbz4jzArkw%2FppPaVmS5HEV70bdWgYHbXZosCmVgAXddacI9N42JABOKX5jk3Kcmw812ymvXNEtZr9jT3eqUWzAt06N7CmGnHLQFEofzHke%2FCir8AYoVPmKAhXqPnDiaFzo8lt%2BsLhEzAeXJQgsdz5t78yamP8MNJSMM4PbLHDWDTstCEVFuNVP6GGwG%2FJDeMo3ePCHjgOwZ%2BwlzJ6V09qvIfMGLq2mGnBrtDgju8dXpnjkqC9ZB1RHEKLGw4jBfG3PR5%2FBzr0SK1q70pM6jCukP1JNnmEX0mzR08njV4nv9qmI8cQ7p72OS6pjks0te0QxEYz8AR8CwW6EtXAOxZq5BRaTy4y%2FwG80HNZiXrKEziGlnmxr52SJUMo4qqVzOsf3QAMrBDR5DLZTdembXWiSKM8Dgnyfc13VY7wW6xOin2vJMqvRdw136QC37CykLzJWWMv5piPaBFd81Ov1ys%2BHM1G0hU6lDJmoEflYlcnGu7ZqQ0cHARc0D1NDS%2FEdayuxSzcOHrQVtYDbvNNx9rR1dr5ZaWaAHeyuOCyv9lVoC0ZfStpfCf9M4ftuu6CIYh7vVNzf6JKib3AvEbN4xZx45wWTNdf3Gxipt5BqYXMJSFBuDTIIug4BlRkqZ2CEIFpPBLDpQkk9CrKXkffVsc2KEwNld1jdcwBI3rvOyeAlhm1KLVsqnVL9govSsOx03WSdbzbyvF2WzO0A97PM52VMR9JjBgxA4WSt1T24bWUQBiqlofX7W4yV3fvR2RrrbJvnqq2lMPoMnTL2taapQ1Qg72wQmcKf3P9ni%2FbboYFqqfScQmqnfGKLr81P%2B076WSKpoS2KtRvuDvr%2Fk8hwb0EB%2BqsmJUrxRbGa08R1XGra7v%2FX3eoO4OrtiQexV3h4HsU2OrvYorzfkyPjlMoodEVUotD6U3CMJ8Ngbt%2Fl1%2FhhgA5QgcZ5m1uHB9qZgTmrXpJw7fEwlW1%2FtaqAym063Dl3sXMtgL4aDSS8vqkbBidB3zgf5UvbOnKJjO7OllHjdjqbRuj7bdW3sNDGIKqnWCFYUjJPA9NYQVAElrYPWnfjFRoS3bgEcxO%2B5t62apUJ6F3jdl1W563zw7FnOPui5ye9xOebZbt6XrnInoxV9Rr66iilrK8P0yllQ7HIPNtBGDe5t%2FcKAaMRze9Aqajvyi9EPDAIa2YKNsPgkJGMxCssv%2FpI1Ls9IlDygR9HnBxoj1bE0Jst8ztPH99LOfHtBEcSoZRsJ33ARS5Dx4xwRRiHHJLneWg29OL9QXEGEFiNgf8KYeADzZDaWzkq3UjAkZxG8ifCwtqNoRiH1BwAppka62NhtzZ5q6MpIVtglGQiJiM%2FuwSNqOWe0QJpEhgDf2AZ%2FrDqWn8toEpAFtbQP0Q0itLB37Tkx7zsodNejhMflb0XQEStKf0fLsgV2MUcda52MpfJsUrDamaRoQ9wNK9fQzgL%2FsHGnNnHxqNXMZySJxwY0v56le%2BpieJZREaLfVhsEkcmD%2FvusRd%2BVsJxHcEE7XBSXnfNDtCUGs%2BYgLvqFRGXxhgWom8sfSKp0Z8anxlDs5J8ExhM4CFmENn%2Fwr9ePzCf2UeqYEBzSeYh6jZG8iVU7NOKeMglZf%2B5DAX8%2F7Q4cqfnDuob4c563PgfYhld8g5EZvfSDU0FsPqISDCndhKXotATNKq0CEtLqpDLROoTsAgufwMstTcGTH6%2BNdi4xEu0oWH%2BYm

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 13.32.121.40 13.32.121.40
Source: Joe Sandbox View	IP Address: 104.18.11.207 104.18.11.207
Source: Joe Sandbox View	IP Address: 104.18.11.207 104.18.11.207
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 104.17.25.14 104.17.25.14

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/css/select2.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /url?a=https%3a%2f%2fstatic.cres-aws.com%2fpostx.css&c=E,1,_oNzUaaJ6Oh_nmW_uRHKD7LdB7nJv5nE_YElsWxHIL-NU42TXK4qYBmvLBLeAQOn2J9dTpT7BwPZoOaqPQ0RYcNDJvyshA79Xq8drtgBOg,,&typo=1 HTTP/1.1Host: linkprotect.cudasvc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7lYX2A!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=HG3kvu0slMZuJcb9i+ticrobJGsuNqwAzgdTmZ42owFqRMb8V7gEO7p/Ec76d3Qhvz64JtTYwUybMDjDoyjGIjdriv3lfljS3Ytzrcj1Oarl+zwASKElJzsCoRxh
Source: global traffic	HTTP traffic detected: GET /postx.css HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7lYX2A!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=VEPU1jrYZMyYdK4yQ+GL7F/Re0NNKq7Or+UfPr4dcNOgf7rYnJZhETgmfEflm74/1cshsbq5K9+duwUF0j1lgY88jqoODswzaHD64zDsQICYbRjgX1J6tu3ZNyS4
Source: global traffic	HTTP traffic detected: GET /?button=google&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=VEPU1jrYZMyYdK4yQ+GL7F/Re0NNKq7Or+UfPr4dcNOgf7rYnJZhETgmfEflm74/1cshsbq5K9+duwUF0j1lgY88jqoODswzaHD64zDsQICYbRjgX1J6tu3ZNyS4
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rKN7t26EwX5VZTv&MD=nDGhOfPU HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=QSKcOHE3Nh9OsnHnZ26gHGLxHguNxe1y8zg2eEpHPBQqd9RoGtlApoC5YpmiH7uMGPrQzsA4sLyJrKt4LuB6rVAeKkUaI8rwlYaC4QWOgoM86aLNgr5au7vHaasx
Source: global traffic	HTTP traffic detected: GET /?button=ok&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=o6adIflfa5CPi106AZ/v1hjQtgghmUOqBXiX4hMBWDjnqauFBmZoNPDpNeRH8geKTC+Xt4npgHrRkIOjH/uoppMbuD6rEXQOhVNjfaxkb7zxj4RpKSrDFKZtFOLl
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=snKp8YD+Kxjt+CN8nIbRXc+MmnTNMIfKVhdZaMY0sAgsK3KWQMeOHT5I4CNBeiS9fCe+TOHBJt44Kk4wSeJdQxiRilJ0T5GGLqCd8Q3yTB6MmsrLh2Vt+LPeMlSn
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=37hHCDce278SHjhjqZBfU7ukhyFcWdCHCHouLw6ot11yH23ie6kCIQiv2Jc6Cq+4NhjNxXmpOCRDF48HTdaWbhTdXIrns1Lb7fId2kJNCrgZwr2TWitv7qY2U0rY
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=CGYuSijmf2Lm97RbU6TTcEwIgmt7kb/C1/2OrCMNWhj+kd0zVkLLFNSChM0vgSZrC3O7LR6DwIIs6tLOh63RoGKSCQW4KByXG4kg0TeJMCnBdKjPt6isZ0dcXDEy
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Regular.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-SemiBold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CGYuSijmf2Lm97RbU6TTcEwIgmt7kb/C1/2OrCMNWhj+kd0zVkLLFNSChM0vgSZrC3O7LR6DwIIs6tLOh63RoGKSCQW4KByXG4kg0TeJMCnBdKjPt6isZ0dcXDEy; AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Light.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Bold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=HWJcMsb9i+BC7PkIVZHr/O2A5Ke7nJH7qP7T7U+PDw66fXs6AwuUSizMnjPeGk5t6FdMxJUC0ddElEQ4bbjku1wulPczywbw2BsNuEzR2p4CWon8tOgc76aULvdH; AWSALBCORS=HWJcMsb9i+BC7PkIVZHr/O2A5Ke7nJH7qP7T7U+PDw66fXs6AwuUSizMnjPeGk5t6FdMxJUC0ddElEQ4bbjku1wulPczywbw2BsNuEzR2p4CWon8tOgc76aULvdH
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=q/+aOH8PDljsDj8uv2Fg1ox7Z0ojIRQU1rNqrDpfpJxXRhMeZi4UPcMmWI5ThM83+RIbU6eHninI+vHeghfNLYtBpl8Qkdnjm9IkPrkI4EIodljNVGkSmQMYOPUM; AWSALBCORS=q/+aOH8PDljsDj8uv2Fg1ox7Z0ojIRQU1rNqrDpfpJxXRhMeZi4UPcMmWI5ThM83+RIbU6eHninI+vHeghfNLYtBpl8Qkdnjm9IkPrkI4EIodljNVGkSmQMYOPUM
Source: global traffic	HTTP traffic detected: GET /websafe/help?topic=AddrNotShown HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=pMbTE1anOOpQ711klqGgQPiRsA6Qlef+mnekzVfad/Lmn3vMGlUXiL4E7VZX2XsFQl/iA3BgFxR7efZtBsPTa69nEtdpQ7VYDw+cnOZFh4NQ0LpkPwTB6KAOXvfG; AWSALBCORS=pMbTE1anOOpQ711klqGgQPiRsA6Qlef+mnekzVfad/Lmn3vMGlUXiL4E7VZX2XsFQl/iA3BgFxR7efZtBsPTa69nEtdpQ7VYDw+cnOZFh4NQ0LpkPwTB6KAOXvfG
Source: global traffic	HTTP traffic detected: GET /websafe/templates/css/postx.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/templates/css/customHelp.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /admin/cisco-fonts.min.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /websafe/templates/standard-scripts.js HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /websafe/templates/screen-reader.js HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/templates/screen-reader.js HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /websafe/templates/standard-scripts.js HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/Inter/Inter-Regular.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/SharpSans/SharpSans-Bold.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/Inter/Inter-Bold.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=svO+HYkz65gquHoLf8FhEBwx3ahVXpXjea3gs3qTZHBUUYvCaReuLc6Kz9b0BFQpcNx2QnVNUq58IYJeol3iS1XSZtGOwR/23eLQewooMA09/ADuyd0R6Cllughj; AWSALBCORS=svO+HYkz65gquHoLf8FhEBwx3ahVXpXjea3gs3qTZHBUUYvCaReuLc6Kz9b0BFQpcNx2QnVNUq58IYJeol3iS1XSZtGOwR/23eLQewooMA09/ADuyd0R6Cllughj
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=sbF93VDK6cMdYrA0q4gAVhpN6i0b+1WeWUhQVRUru3PpOpo4+2JHDM65+1Xi8QJhMFOaH7zB1LDvpaym+np5RVnnimAKFn8WggRQYN3Ql/1oFN9GytUKXXycO+zD; AWSALBCORS=sbF93VDK6cMdYrA0q4gAVhpN6i0b+1WeWUhQVRUru3PpOpo4+2JHDM65+1Xi8QJhMFOaH7zB1LDvpaym+np5RVnnimAKFn8WggRQYN3Ql/1oFN9GytUKXXycO+zD
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rKN7t26EwX5VZTv&MD=nDGhOfPU HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__d94e1f9600000192d2ca05ded84792bf017da47c%40esa2%2Ehc5811-91%2Eiphmx%2Ecom%27,%0D%0A%27flags%27%3A3073,%0D%0A%27rid%27%3A%27c3VzYW4gZ29yZG9uIDxzZ29yZG9uQHRvbXBraW5zZmluYW5jaWFsLmNvbT4%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D,%27keyHash%27%3A%27SHA-256%27%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27gSFVkYOu1Y3UkMOIZWQXMQ%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1730113308129%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,8415%5D,%27Body-1730113308129%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image003%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image003%2Epng%27,%0D%0A21,%5B8415,19175%5D,%27image003%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B27590,30890%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%272pw3EGj9%2FtsABMAfwh2rJUEIde0%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27tUsZ%2FH%2BJdTmbz4jzArkw%2FppPaVmS5HEV70bdWgYHbXZosCmVgAXddacI9N42JABOKX5jk3Kcmw812ymvXNEtZr9jT3eqUWzAt06N7CmGnHLQFEofzHke%2FCir8AYoVPmKAhXqPnDiaFzo8lt%2BsLhEzAeXJQgsdz5t78yamP8MNJSMM4PbLHDWDTstCEVFuNVP6GGwG%2FJDeMo3ePCHjgOwZ%2BwlzJ6V09qvIfMGLq2mGnBrtDgju8dXpnjkqC9ZB1RHEKLGw4jBfG3PR5%2FBzr0SK1q70pM6jCukP1JNnmEX0mzR08njV4nv9qmI8cQ7p72OS6pjks0te0QxEYz8AR8CwW6EtXAOxZq5BRaTy4y%2FwG80HNZiXrKEziGlnmxr52SJUMo4qqVzOsf3QAMrBDR5DLZTdembXWiSKM8Dgnyfc13VY7wW6xOin2vJMqvRdw136QC37CykLzJWWMv5piPaBFd81Ov1ys%2BHM1G0hU6lDJmoEflYlcnGu7ZqQ0cHARc0D1NDS%2FEdayuxSzcOHrQVtYDbvNNx9rR1dr5ZaWaAHeyuOCyv9lVoC0ZfStpfCf9M4ftuu6CIYh7vVNzf6JKib3AvEbN4xZx45wWTNdf3Gxipt5BqYXMJSFBuDTIIug4BlRkqZ2CEIFpPBLDpQkk9CrKXkffVsc2KEwNld1jdcwBI3rvOyeAlhm1KLVsqnVL9govSsOx03WSdbzbyvF2WzO0A97PM52VMR9JjBgxA4WSt1T24bWUQBiqlofX7W4yV3fvR2RrrbJvnqq2lMPoMnTL2taapQ1Qg72wQmcKf3P9ni%2FbboYFqqfScQmqnfGKLr81P%2B076WSKpoS2KtRvuDvr%2Fk8hwb0EB%2BqsmJUrxRbGa08R1XGra7v%2FX3eoO4OrtiQexV3h4HsU2OrvYorzfkyPjlMoodEVUotD6U3CMJ8Ngbt%2Fl1%2FhhgA5QgcZ5m1uHB9qZgTmrXpJw7fEwlW1%2FtaqAym063Dl3sXMtgL4aDSS8vqkbBidB3zgf5UvbOnKJjO7OllHjdjqbRuj7bdW3sNDGIKqnWCFYUjJPA9NYQVAElrYPWnfjFRoS3bgEcxO%2B5t62apUJ6F3jdl1W563zw7FnOPui5ye9xOebZbt6XrnInoxV9Rr66iilrK8P0yllQ7HIPNtBGDe5t%2FcKAaMRze9Aqajvyi9EPDAIa2YKNsPgkJGMxCssv%2FpI1Ls9IlDygR9HnBxoj1bE0Jst8ztPH99LOfHtBEcSoZRsJ33ARS5Dx4xwRRiHHJLneWg29OL9QXEGEFiNgf8KYeADzZDaWzkq3UjAkZxG8ifCwtqNoRiH1BwAppka62NhtzZ5q6MpIVtglGQiJiM%2FuwSNqOWe0QJpEhgDf2AZ%2FrDqWn8toEpAFtbQP0Q0itLB37Tkx7zsodNejhMflb0XQEStKf0fLsgV2MUcda52MpfJsUrDamaRoQ9wNK9fQzgL%2FsHGnNnHxqNXMZySJxwY0v56le%2BpieJZREaLfVhsEkcmD%2FvusRd%2BVsJxHcEE7XBSXnfNDtCUGs%2BYgLvqFRGXxhgWom8sfSKp0Z8anxlDs5J8ExhM4CFmENn%2Fwr9ePzCf2UeqYEBzSeYh6jZG8iVU7NOKeMglZf%2B5DAX8%2F7Q4cqfnDuob4c563PgfYhld8g5EZvfSDU0FsPqISDCndhKXotATNKq0CEtLqpDLROoTsAgufwMstTcGTH6%2BNdi4xEu0oWH%2BYm
Source: global traffic	HTTP traffic detected: GET /?button=google&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?button=ok&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: linkprotect.cudasvc.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: res.cisco.com
Source: global traffic	DNS traffic detected: DNS query: static.cres-aws.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com

Source: chromecache_179.2.dr, chromecache_173.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?button=google&lp=en
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?button=ok&lp=en
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?lp=en
Source: chromecache_154.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterLightWeightSlant
Source: chromecache_182.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterSemiBoldWeightSlant
Source: chromecache_161.2.dr, chromecache_181.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlant
Source: chromecache_180.2.dr, chromecache_155.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlantRegular
Source: chromecache_167.2.dr	String found in binary or memory: http://www.sharptype.co
Source: chromecache_167.2.dr	String found in binary or memory: http://www.sharptype.cohttp://www.sharptype.cohttp://www.sharptype.cohttp://www.sharptype.cohttp://w
Source: securedoc_20241028T070148.html	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Source: securedoc_20241028T070148.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/select2.min.css
Source: securedoc_20241028T070148.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/select2.min.js
Source: chromecache_151.2.dr, chromecache_174.2.dr, chromecache_157.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_182.2.dr, chromecache_154.2.dr	String found in binary or memory: https://github.com/rsms/inter)Inter
Source: chromecache_180.2.dr, chromecache_155.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterBold3.019;RSMS;Inter-BoldInter
Source: chromecache_161.2.dr, chromecache_181.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter
Source: chromecache_165.2.dr, chromecache_164.2.dr	String found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: chromecache_151.2.dr, chromecache_174.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_151.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f_l.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f_n.save&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2falgnames.encryption.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fd6.run&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdC.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocument.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ff1.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fgM.nr&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fi18n.authframe.safr.button.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fi18n.authframe.safr.passphrase.more.info&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fiA.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fiB.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fih.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fil.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fm.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fopenerObj.run&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstatic.cres-aws.com%2fpostx.css&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ftext_i18n.authframe.safr.link.help&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fthis.save&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fthis.total&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwindow.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/custom.action?cmd=authFrame
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/images/loginbg.gif
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/images/pullFeature/arrowDown.svg
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/envelopeopener/decrypt_envelope.jsp
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/keyserver/Logout
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/keyserver/keyserver
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=AddrNotShown
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=PPNotShown
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=RegEnvelope
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/pswdForgot.action
Source: securedoc_20241028T070148.html	String found in binary or memory: https://static.cres-aws.com/CRES_login_bg.jpg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 56010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56039
Source: unknown	Network traffic detected: HTTP traffic on port 56159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56046
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 55945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 55922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56049
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56052
Source: unknown	Network traffic detected: HTTP traffic on port 55979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56053
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56054
Source: unknown	Network traffic detected: HTTP traffic on port 56113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56050
Source: unknown	Network traffic detected: HTTP traffic on port 56148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56059
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56067
Source: unknown	Network traffic detected: HTTP traffic on port 56158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56064
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56065
Source: unknown	Network traffic detected: HTTP traffic on port 56032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56061
Source: unknown	Network traffic detected: HTTP traffic on port 56147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56079
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56073
Source: unknown	Network traffic detected: HTTP traffic on port 56136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56070
Source: unknown	Network traffic detected: HTTP traffic on port 55946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56072
Source: unknown	Network traffic detected: HTTP traffic on port 56079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 56146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 56020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56119
Source: unknown	Network traffic detected: HTTP traffic on port 55955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56114
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56124
Source: unknown	Network traffic detected: HTTP traffic on port 55978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56120
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 55989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56127
Source: unknown	Network traffic detected: HTTP traffic on port 55912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56007
Source: unknown	Network traffic detected: HTTP traffic on port 56046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56133
Source: unknown	Network traffic detected: HTTP traffic on port 56134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56134
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56131
Source: unknown	Network traffic detected: HTTP traffic on port 55944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56019
Source: unknown	Network traffic detected: HTTP traffic on port 55934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56138
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56139
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56024
Source: unknown	Network traffic detected: HTTP traffic on port 56135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56145
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56146
Source: unknown	Network traffic detected: HTTP traffic on port 56112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56142
Source: unknown	Network traffic detected: HTTP traffic on port 56019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 56070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 56101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56148
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56149
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56155
Source: unknown	Network traffic detected: HTTP traffic on port 56157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56150
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56153
Source: unknown	Network traffic detected: HTTP traffic on port 56092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 55900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55909
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55903
Source: unknown	Network traffic detected: HTTP traffic on port 55965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55904
Source: unknown	Network traffic detected: HTTP traffic on port 55988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55901
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55919
Source: unknown	Network traffic detected: HTTP traffic on port 56088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55915
Source: unknown	Network traffic detected: HTTP traffic on port 56116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55910
Source: unknown	Network traffic detected: HTTP traffic on port 56151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55912
Source: unknown	Network traffic detected: HTTP traffic on port 55954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55929
Source: unknown	Network traffic detected: HTTP traffic on port 56012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55925
Source: unknown	Network traffic detected: HTTP traffic on port 56150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55923
Source: unknown	Network traffic detected: HTTP traffic on port 55930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55936
Source: unknown	Network traffic detected: HTTP traffic on port 55966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55931
Source: unknown	Network traffic detected: HTTP traffic on port 56139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55932
Source: unknown	Network traffic detected: HTTP traffic on port 55918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55934
Source: unknown	Network traffic detected: HTTP traffic on port 56023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55930
Source: unknown	Network traffic detected: HTTP traffic on port 55892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 56054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56087
Source: unknown	Network traffic detected: HTTP traffic on port 56114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56080
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56081
Source: unknown	Network traffic detected: HTTP traffic on port 56126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56083
Source: unknown	Network traffic detected: HTTP traffic on port 55941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56096
Source: unknown	Network traffic detected: HTTP traffic on port 56000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56094
Source: unknown	Network traffic detected: HTTP traffic on port 56077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56090
Source: unknown	Network traffic detected: HTTP traffic on port 56115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55987
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55982
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55984
Source: unknown	Network traffic detected: HTTP traffic on port 56027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55985
Source: unknown	Network traffic detected: HTTP traffic on port 56062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55992
Source: unknown	Network traffic detected: HTTP traffic on port 55997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55993
Source: unknown	Network traffic detected: HTTP traffic on port 55916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55996
Source: unknown	Network traffic detected: HTTP traffic on port 55927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55889
Source: unknown	Network traffic detected: HTTP traffic on port 55915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55891
Source: unknown	Network traffic detected: HTTP traffic on port 56026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55892
Source: unknown	Network traffic detected: HTTP traffic on port 56003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55893
Source: unknown	Network traffic detected: HTTP traffic on port 56131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55899
Source: unknown	Network traffic detected: HTTP traffic on port 56153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55897
Source: unknown	Network traffic detected: HTTP traffic on port 56108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55946
Source: unknown	Network traffic detected: HTTP traffic on port 55984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55947
Source: unknown	Network traffic detected: HTTP traffic on port 56117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55942
Source: unknown	Network traffic detected: HTTP traffic on port 56152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55945
Source: unknown	Network traffic detected: HTTP traffic on port 55917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55941
Source: unknown	Network traffic detected: HTTP traffic on port 55949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55959
Source: unknown	Network traffic detected: HTTP traffic on port 56141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55956
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55952
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55965
Source: unknown	Network traffic detected: HTTP traffic on port 55896 -> 443

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:55889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:55891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56107 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56109 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.winHTML@30/58@26/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\securedoc_20241028T070148.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2036,i,11714635817237412283,15918365930633884916,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2036,i,11714635817237412283,15918365930633884916,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected suspicious URL

Source: Email

JoeBoxAI: AI detected suspicious URL: URL: securedoc_20241028T070148.html

Stealing of Sensitive Information

HTML file submission containing password form

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

HTTP Parser: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
34.206.224.40	unknown	United States	14618	AMAZON-AESUS	false
13.32.121.40	d2qj7djftjbj85.cloudfront.net	United States	16509	AMAZON-02US	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
34.235.221.210	res.cisco.com	United States	14618	AMAZON-AESUS	false
18.159.67.181	linkprotect.cudasvc.com	United States	16509	AMAZON-02US	false
142.250.184.228	www.google.com	United States	15169	GOOGLEUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
13.32.121.110	unknown	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.17
192.168.2.8
192.168.2.7
192.168.2.4
192.168.2.6

Contacted Domains

Name	IP	Active
res.cisco.com	34.235.221.210	true
cdnjs.cloudflare.com	104.17.25.14	true
maxcdn.bootstrapcdn.com	104.18.11.207	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true
www.google.com	142.250.184.228	true
linkprotect.cudasvc.com	18.159.67.181	true
d2qj7djftjbj85.cloudfront.net	13.32.121.40	true
static.cres-aws.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://res.cisco.com/websafe/help?topic=AddrNotShown	false	unknown
https://res.cisco.com/websafe/templates/standard-scripts.js	false	unknown
https://res.cisco.com/admin/fonts/Inter/Inter-Regular.ttf	false	unknown
https://res.cisco.com/websafe/images/loginbg.gif	false	unknown
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/select2.min.css	false	unknown
http://res.cisco.com/?button=google&lp=en	false	unknown
https://res.cisco.com/websafe/templates/css/postx.css	false	unknown
http://res.cisco.com/?lp=en	false	unknown
https://res.cisco.com/?button=ok&lp=en	false	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css	false	unknown
https://static.cres-aws.com/postx.css	false	unknown
https://res.cisco.com/admin/cisco-fonts.min.css	false	unknown
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/select2.min.js	false	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js	false	unknown
https://res.cisco.com/?button=google&lp=en	false	unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js	false	unknown
http://res.cisco.com/?button=ok&lp=en	false	unknown
https://static.cres-aws.com/fonts/Inter/Inter-Light.ttf	false	unknown
https://res.cisco.com/favicon.ico	false	unknown
https://res.cisco.com/admin/fonts/Inter/Inter-Bold.ttf	false	unknown
https://res.cisco.com/admin/fonts/SharpSans/SharpSans-Bold.ttf	false	unknown
file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	true	unknown
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstatic.cres-aws.com%2fpostx.css&c=E,1,_oNzUaaJ6Oh_nmW_uRHKD7LdB7nJv5nE_YElsWxHIL-NU42TXK4qYBmvLBLeAQOn2J9dTpT7BwPZoOaqPQ0RYcNDJvyshA79Xq8drtgBOg,,&typo=1	false	unknown
https://res.cisco.com/?lp=en	false	unknown
https://res.cisco.com/websafe/templates/css/customHelp.css	false	unknown
https://static.cres-aws.com/fonts/Inter/Inter-Regular.ttf	false	unknown
https://res.cisco.com/websafe/root	false	unknown
https://static.cres-aws.com/fonts/Inter/Inter-SemiBold.ttf	false	unknown
https://res.cisco.com/websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7lYX2A!!/branding/customer-logo.gif?f=1	false	unknown
https://static.cres-aws.com/CRES_login_bg.jpg	false	unknown
https://res.cisco.com/websafe/templates/screen-reader.js	false	unknown
https://static.cres-aws.com/fonts/Inter/Inter-Bold.ttf	false	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 149	assembler source, ASCII text, with very long lines (554)	A0B4FF216E038470B000B63F5AA39816	319D6BB77F2115DA9F977569477AC010F87E6386	7A61694ACF36F22050B90F751DBAFC330D5025471F83F5C08F663CD2633448F7
Chrome Cache Entry: 150	ASCII text, with CRLF line terminators	0EF5306CD54F1799C9FA23548762EC4A	6E56D085A9136CBE8EBEC45DA4F18BA0299C5F0C	CD4EB96D517491FCBA4D0748AD53B58DA9A3644DB226BE8B55FD93473AD8ADDD
Chrome Cache Entry: 151	ASCII text, with very long lines (57791)	E1D98D47689E00F8ECBC5D9F61BDB42E	6778FED3CF095A318141A31F455C8F4663885BDE	0A34A87842C539C1F4FEEC56BBA982FD596B73500046A6E6FE38A22260C6577B
Chrome Cache Entry: 152	ASCII text, with CRLF line terminators	0EF5306CD54F1799C9FA23548762EC4A	6E56D085A9136CBE8EBEC45DA4F18BA0299C5F0C	CD4EB96D517491FCBA4D0748AD53B58DA9A3644DB226BE8B55FD93473AD8ADDD
Chrome Cache Entry: 153	JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, comment: "LEADTOOLS v22.0", baseline, precision 8, 160x41, components 3	FA13220B416C917F852BFF8652327A98	A2BA788C3569A3286061653A97E64908593F95F5	1C0D26673AB2A79D6C8FE859234E18B9A1CD0346471767CCCDDF0F8D957E0E67
Chrome Cache Entry: 154	TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter LightRegular3.019;	60C8F64064078554B6469EEDA25944EB	732E278A85762A0EDFB4E077E44E3EB39D8AF92E	7FB161BBEB1C03F21D9A80601400D803E7EA7DD6FC8EA164F2B2A073E7722953
Chrome Cache Entry: 155	TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterBold3.019;RSMS;Inte	D17C0274915408CEE0308D5476DF9F45	444CDCA680F8CE64C16FE5A606DCFBE4B33E7925	F9342F2D916AA89C924BC2ADCC1D3BFBB6EB54675E48953BACC49024FC768F76
Chrome Cache Entry: 156	JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, comment: "LEADTOOLS v22.0", baseline, precision 8, 160x41, components 3	FA13220B416C917F852BFF8652327A98	A2BA788C3569A3286061653A97E64908593F95F5	1C0D26673AB2A79D6C8FE859234E18B9A1CD0346471767CCCDDF0F8D957E0E67
Chrome Cache Entry: 157	ASCII text, with very long lines (57791)	E1D98D47689E00F8ECBC5D9F61BDB42E	6778FED3CF095A318141A31F455C8F4663885BDE	0A34A87842C539C1F4FEEC56BBA982FD596B73500046A6E6FE38A22260C6577B
Chrome Cache Entry: 158	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com. 2016], baseline, precision 8, 1440x960, components 3	E38D601F1F6EF6663954EC55183C5FDE	63D466158889D3043056ACDFBF330F16E55DA498	9B8699D04D29EC9D28E06E4953C40AADE72619EF9813F25632E25DD5FFDBC89C
Chrome Cache Entry: 159	ASCII text	096CE0B8694339B10AA989E61521A9CA	4834282EA07AFF4A2D83684E9538F51475077297	252FC0DEE0B0A65A653A09D20E388C3A9B2D201ACCEAE55FDB19B5ACDD5A75FE
Chrome Cache Entry: 160	ASCII text	FFD024A5F355F3A7D58EE4A0989472F0	391284200A85AC7C1A91EED218F929E6625DF107	8009FACCEF527042BDEF7373469CEFF25079ED17A5328FB0FF9EBF9F3A91D022
Chrome Cache Entry: 161	TrueType Font data, 16 tables, 1st "GDEF", 11 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterRegular3.019;RSMS;I	A4A7379505CD554EA9523594B7C28B2A	C2767D146C3C10FE6C9B8AC0F181EF907C111F19	EEAB48280AACD4FC83C1C7E735681DF9EDD1B59588DDE23D0339BCF6552FB788
Chrome Cache Entry: 162	assembler source, ASCII text, with very long lines (532)	327455C921FD609119557C0E6C125F1A	313B51FF43F674A6D3C912B5F7BE6D161382CA05	ED17CD34424CD1231D8AEAF80F0DC27F604BE4AE9A8C61D82581B2984FD1E1AF
Chrome Cache Entry: 163	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com. 2016], baseline, precision 8, 1920x1280, components 3	C3598F2D3BF6694DF3378AAFC792BFEE	BBCA95477B9B15A41E4EDC59784D76F621A27263	A7842139A79734699FB6BD749733DA53E30B3634FB8C2695B57FD1A017DD1FE2
Chrome Cache Entry: 164	Unicode text, UTF-8 text, with very long lines (64131)	7C909F6DD07BED69C9CDABC9DEE2C131	7EF0ABFDB5935CDC2D50953FC0CEE43ABB501C28	C1F5534ED276A1EAA57B106C7DADCC994A01EFBC033513EA4F5435580D8C327E
Chrome Cache Entry: 165	Unicode text, UTF-8 text, with very long lines (64131)	7C909F6DD07BED69C9CDABC9DEE2C131	7EF0ABFDB5935CDC2D50953FC0CEE43ABB501C28	C1F5534ED276A1EAA57B106C7DADCC994A01EFBC033513EA4F5435580D8C327E
Chrome Cache Entry: 166	ASCII text, with very long lines (65447)	2C872DBE60F4BA70FB85356113D8B35E	EE48592D1FFF952FCF06CE0B666ED4785493AFDC	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
Chrome Cache Entry: 167	TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh	FD6EC063F4FDB8130A0BB83B8BFEEF1B	1C58C28756170ED365D535C2A4667FA34BDAF2F6	6D821BFA1C0E286427E0B31DA501B39333E2A3D791CEBF213B2E605393656D8A
Chrome Cache Entry: 168	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com. 2016], baseline, precision 8, 1920x1280, components 3	C3598F2D3BF6694DF3378AAFC792BFEE	BBCA95477B9B15A41E4EDC59784D76F621A27263	A7842139A79734699FB6BD749733DA53E30B3634FB8C2695B57FD1A017DD1FE2
Chrome Cache Entry: 169	ASCII text, with very long lines (65447)	2C872DBE60F4BA70FB85356113D8B35E	EE48592D1FFF952FCF06CE0B666ED4785493AFDC	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
Chrome Cache Entry: 170	ASCII text, with very long lines (65447)	2C872DBE60F4BA70FB85356113D8B35E	EE48592D1FFF952FCF06CE0B666ED4785493AFDC	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
Chrome Cache Entry: 171	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=sandra cifo. www.cifography.com. 2016], baseline, precision 8, 1440x960, components 3	E38D601F1F6EF6663954EC55183C5FDE	63D466158889D3043056ACDFBF330F16E55DA498	9B8699D04D29EC9D28E06E4953C40AADE72619EF9813F25632E25DD5FFDBC89C
Chrome Cache Entry: 172	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	E19FDB47503248CA528DCCE82458B722	51CBCBF58B3A7DFF677E3551BC4A3EDBC5DFFC93	62A8461E328D5BACE3780FF738D0B58F6502592C04AFA564E0A8A792583A7BFB
Chrome Cache Entry: 173	ASCII text, with very long lines (20831)	56456DB9D72A4B380ED3CB63095E6022	6DBCE88AEE15B42F29083DF7A07513CF3B486BA0	66F3A07E1FA9B64A686B66381E4458DBC8ABF3DBBFF954720C4EEC07B84411C2
Chrome Cache Entry: 174	ASCII text, with very long lines (65324)	A15C2AC3234AA8F6064EF9C1F7383C37	6E10354828454898FDA80F55F3DECB347FD9ED21	60B19E5DA6A9234FF9220668A5EC1125C157A268513256188EE80F2D2C8D8D36
Chrome Cache Entry: 175	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	E19FDB47503248CA528DCCE82458B722	51CBCBF58B3A7DFF677E3551BC4A3EDBC5DFFC93	62A8461E328D5BACE3780FF738D0B58F6502592C04AFA564E0A8A792583A7BFB
Chrome Cache Entry: 176	ASCII text, with very long lines (14965)	9F54E6414F87E0D14B9E966F19A174F9	AE5735562FAABD1A2D9803BBD7BF4C502B5E4F51	15D6AD4DFDB43D0AFFAD683E70029F97A8F8FC8637A28845009EE0542DCCDF81
Chrome Cache Entry: 177	ASCII text	096CE0B8694339B10AA989E61521A9CA	4834282EA07AFF4A2D83684E9538F51475077297	252FC0DEE0B0A65A653A09D20E388C3A9B2D201ACCEAE55FDB19B5ACDD5A75FE
Chrome Cache Entry: 178	ASCII text	FB2ECA121A12D98402B53355D9EACF7E	4BD42A075D32E7631D6D378FDCB4135DB20BA191	2E1C61EEC11CFDBC16A55D6433341F9CE2A5253BA94F01FADC2D4BA31A8719EB
Chrome Cache Entry: 179	ASCII text, with very long lines (20831)	56456DB9D72A4B380ED3CB63095E6022	6DBCE88AEE15B42F29083DF7A07513CF3B486BA0	66F3A07E1FA9B64A686B66381E4458DBC8ABF3DBBFF954720C4EEC07B84411C2
Chrome Cache Entry: 180	TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterBold3.019;RSMS;Inte	D17C0274915408CEE0308D5476DF9F45	444CDCA680F8CE64C16FE5A606DCFBE4B33E7925	F9342F2D916AA89C924BC2ADCC1D3BFBB6EB54675E48953BACC49024FC768F76
Chrome Cache Entry: 181	TrueType Font data, 16 tables, 1st "GDEF", 11 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)InterRegular3.019;RSMS;I	A4A7379505CD554EA9523594B7C28B2A	C2767D146C3C10FE6C9B8AC0F181EF907C111F19	EEAB48280AACD4FC83C1C7E735681DF9EDD1B59588DDE23D0339BCF6552FB788
Chrome Cache Entry: 182	TrueType Font data, 16 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Inter Project Authors (https://github.com/rsms/inter)Inter SemiBoldRegular3.0	1753A05196ABEEF95C32F10246BD6473	ACDA92ADC6CF8C67C89395C65F371A4D2B05A783	F5595839DEBDB0D028116ED8A7579F31D1C2F712677A2E794459A5DCE6ECA929

Phishing

AI detected phishing page

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

LLM: Score: 10 Reasons: HTML file with login form DOM: 0.0.pages.csv

Suspicious Javascript code found in HTML file

Source: securedoc_20241028T070148.html	HTTP Parser: document.write
Source: securedoc_20241028T070148.html	HTTP Parser: location.href
Source: securedoc_20241028T070148.html	HTTP Parser: .location
Source: securedoc_20241028T070148.html	HTTP Parser: .location

Detected hidden input values containing email addresses (often used in phishing pages)

Source: securedoc_20241028T070148.html

HTTP Parser: Tompkins ClientAlerts <TIAClientAlerts@tompkinsfinancial.com>

HTML page contains hidden javascript code

Source: securedoc_20241028T070148.html

HTTP Parser: Base64 decoded: Zeppelin rules!

HTML title does not match URL

Source: securedoc_20241028T070148.html	HTTP Parser: Title: Secure Registered Envelope:Capital Blue Cross: Gag Clause Prohibition Attestation Due 12.31.2024 does not match URL
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: Title: Secure Registered Envelope:Capital Blue Cross: Gag Clause Prohibition Attestation Due 12.31.2024 does not match URL

None HTTPS page querying sensitive user data (password, username or email)

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

HTTP Parser: Has password / email / username input fields

Source: securedoc_20241028T070148.html	HTTP Parser: <input type="password" .../> found
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: <input type="password" .../> found

Source: securedoc_20241028T070148.html	HTTP Parser: No favicon
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: No favicon
Source: https://res.cisco.com/websafe/help?topic=AddrNotShown	HTTP Parser: No favicon

Source: securedoc_20241028T070148.html	HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html	HTTP Parser: No <meta name="author".. found

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:55889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:55891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56107 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56109 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:49745 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:55888 -> 1.1.1.1:53

HTTP GET or POST without a user agent

Source: global traffic

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 13.32.121.40 13.32.121.40
Source: Joe Sandbox View	IP Address: 104.18.11.207 104.18.11.207
Source: Joe Sandbox View	IP Address: 104.18.11.207 104.18.11.207
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 104.17.25.14 104.17.25.14

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/css/select2.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /url?a=https%3a%2f%2fstatic.cres-aws.com%2fpostx.css&c=E,1,_oNzUaaJ6Oh_nmW_uRHKD7LdB7nJv5nE_YElsWxHIL-NU42TXK4qYBmvLBLeAQOn2J9dTpT7BwPZoOaqPQ0RYcNDJvyshA79Xq8drtgBOg,,&typo=1 HTTP/1.1Host: linkprotect.cudasvc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7lYX2A!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/select2/4.0.12/js/select2.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=HG3kvu0slMZuJcb9i+ticrobJGsuNqwAzgdTmZ42owFqRMb8V7gEO7p/Ec76d3Qhvz64JtTYwUybMDjDoyjGIjdriv3lfljS3Ytzrcj1Oarl+zwASKElJzsCoRxh
Source: global traffic	HTTP traffic detected: GET /postx.css HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7lYX2A!!/branding/customer-logo.gif?f=1 HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=VEPU1jrYZMyYdK4yQ+GL7F/Re0NNKq7Or+UfPr4dcNOgf7rYnJZhETgmfEflm74/1cshsbq5K9+duwUF0j1lgY88jqoODswzaHD64zDsQICYbRjgX1J6tu3ZNyS4
Source: global traffic	HTTP traffic detected: GET /?button=google&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=VEPU1jrYZMyYdK4yQ+GL7F/Re0NNKq7Or+UfPr4dcNOgf7rYnJZhETgmfEflm74/1cshsbq5K9+duwUF0j1lgY88jqoODswzaHD64zDsQICYbRjgX1J6tu3ZNyS4
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rKN7t26EwX5VZTv&MD=nDGhOfPU HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=QSKcOHE3Nh9OsnHnZ26gHGLxHguNxe1y8zg2eEpHPBQqd9RoGtlApoC5YpmiH7uMGPrQzsA4sLyJrKt4LuB6rVAeKkUaI8rwlYaC4QWOgoM86aLNgr5au7vHaasx
Source: global traffic	HTTP traffic detected: GET /?button=ok&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=o6adIflfa5CPi106AZ/v1hjQtgghmUOqBXiX4hMBWDjnqauFBmZoNPDpNeRH8geKTC+Xt4npgHrRkIOjH/uoppMbuD6rEXQOhVNjfaxkb7zxj4RpKSrDFKZtFOLl
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=snKp8YD+Kxjt+CN8nIbRXc+MmnTNMIfKVhdZaMY0sAgsK3KWQMeOHT5I4CNBeiS9fCe+TOHBJt44Kk4wSeJdQxiRilJ0T5GGLqCd8Q3yTB6MmsrLh2Vt+LPeMlSn
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=37hHCDce278SHjhjqZBfU7ukhyFcWdCHCHouLw6ot11yH23ie6kCIQiv2Jc6Cq+4NhjNxXmpOCRDF48HTdaWbhTdXIrns1Lb7fId2kJNCrgZwr2TWitv7qY2U0rY
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=CGYuSijmf2Lm97RbU6TTcEwIgmt7kb/C1/2OrCMNWhj+kd0zVkLLFNSChM0vgSZrC3O7LR6DwIIs6tLOh63RoGKSCQW4KByXG4kg0TeJMCnBdKjPt6isZ0dcXDEy
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Regular.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-SemiBold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/images/loginbg.gif HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CGYuSijmf2Lm97RbU6TTcEwIgmt7kb/C1/2OrCMNWhj+kd0zVkLLFNSChM0vgSZrC3O7LR6DwIIs6tLOh63RoGKSCQW4KByXG4kg0TeJMCnBdKjPt6isZ0dcXDEy; AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Light.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/Inter/Inter-Bold.ttf HTTP/1.1Host: static.cres-aws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: nullsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://static.cres-aws.com/postx.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /CRES_login_bg.jpg HTTP/1.1Host: static.cres-aws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBCORS=+BGU0WVHEHiFae7BrAa1mDlpgXzT9hJxmQY/wdhrqEbzHGV/fWPpuet5w0yCCmULVpiR9nw7LfbAkQziqVK57g40NBLqUcVl4pjrSrezixuxst5bnBlt7kzYTMf+
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=HWJcMsb9i+BC7PkIVZHr/O2A5Ke7nJH7qP7T7U+PDw66fXs6AwuUSizMnjPeGk5t6FdMxJUC0ddElEQ4bbjku1wulPczywbw2BsNuEzR2p4CWon8tOgc76aULvdH; AWSALBCORS=HWJcMsb9i+BC7PkIVZHr/O2A5Ke7nJH7qP7T7U+PDw66fXs6AwuUSizMnjPeGk5t6FdMxJUC0ddElEQ4bbjku1wulPczywbw2BsNuEzR2p4CWon8tOgc76aULvdH
Source: global traffic	HTTP traffic detected: GET /websafe/root HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=q/+aOH8PDljsDj8uv2Fg1ox7Z0ojIRQU1rNqrDpfpJxXRhMeZi4UPcMmWI5ThM83+RIbU6eHninI+vHeghfNLYtBpl8Qkdnjm9IkPrkI4EIodljNVGkSmQMYOPUM; AWSALBCORS=q/+aOH8PDljsDj8uv2Fg1ox7Z0ojIRQU1rNqrDpfpJxXRhMeZi4UPcMmWI5ThM83+RIbU6eHninI+vHeghfNLYtBpl8Qkdnjm9IkPrkI4EIodljNVGkSmQMYOPUM
Source: global traffic	HTTP traffic detected: GET /websafe/help?topic=AddrNotShown HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=pMbTE1anOOpQ711klqGgQPiRsA6Qlef+mnekzVfad/Lmn3vMGlUXiL4E7VZX2XsFQl/iA3BgFxR7efZtBsPTa69nEtdpQ7VYDw+cnOZFh4NQ0LpkPwTB6KAOXvfG; AWSALBCORS=pMbTE1anOOpQ711klqGgQPiRsA6Qlef+mnekzVfad/Lmn3vMGlUXiL4E7VZX2XsFQl/iA3BgFxR7efZtBsPTa69nEtdpQ7VYDw+cnOZFh4NQ0LpkPwTB6KAOXvfG
Source: global traffic	HTTP traffic detected: GET /websafe/templates/css/postx.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/templates/css/customHelp.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /admin/cisco-fonts.min.css HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /websafe/templates/standard-scripts.js HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /websafe/templates/screen-reader.js HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x; AWSALBCORS=5upXCx6MqFtHWXrRHiq4vajY791t3retYkDMxMca4bV11vs9/jGZqywxNaZdsMsN5h3D3uZ23fXbODGxg9MkHJV7Q6tfBoEH1QvsfDz8upJtebeZMwaOY8WGoS5x
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /websafe/templates/screen-reader.js HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /websafe/templates/standard-scripts.js HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D4033335E8B26A641935BCBBEC87C15C; AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/Inter/Inter-Regular.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/SharpSans/SharpSans-Bold.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /admin/fonts/Inter/Inter-Bold.ttf HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://res.cisco.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://res.cisco.com/admin/cisco-fonts.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv; AWSALBCORS=CO/hVVOOxCHUBkY0NKQucmSjBqc/z+A0rKkK7oTOPXdTNk1/7jyhdcITKM7JjcAzRt+JAbkgtvZVFPDGHWHitIQyGfVf4R4RCU2/84rd6u3ocYpHk7jGwDv/psxv
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: res.cisco.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://res.cisco.com/websafe/help?topic=AddrNotShownAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=svO+HYkz65gquHoLf8FhEBwx3ahVXpXjea3gs3qTZHBUUYvCaReuLc6Kz9b0BFQpcNx2QnVNUq58IYJeol3iS1XSZtGOwR/23eLQewooMA09/ADuyd0R6Cllughj; AWSALBCORS=svO+HYkz65gquHoLf8FhEBwx3ahVXpXjea3gs3qTZHBUUYvCaReuLc6Kz9b0BFQpcNx2QnVNUq58IYJeol3iS1XSZtGOwR/23eLQewooMA09/ADuyd0R6Cllughj
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALB=sbF93VDK6cMdYrA0q4gAVhpN6i0b+1WeWUhQVRUru3PpOpo4+2JHDM65+1Xi8QJhMFOaH7zB1LDvpaym+np5RVnnimAKFn8WggRQYN3Ql/1oFN9GytUKXXycO+zD; AWSALBCORS=sbF93VDK6cMdYrA0q4gAVhpN6i0b+1WeWUhQVRUru3PpOpo4+2JHDM65+1Xi8QJhMFOaH7zB1LDvpaym+np5RVnnimAKFn8WggRQYN3Ql/1oFN9GytUKXXycO+zD
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rKN7t26EwX5VZTv&MD=nDGhOfPU HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /?lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?p=0&d=%7B%27name%27%3Anull,%0D%0A%27msgID%27%3A%27%7C1__d94e1f9600000192d2ca05ded84792bf017da47c%40esa2%2Ehc5811-91%2Eiphmx%2Ecom%27,%0D%0A%27flags%27%3A3073,%0D%0A%27rid%27%3A%27c3VzYW4gZ29yZG9uIDxzZ29yZG9uQHRvbXBraW5zZmluYW5jaWFsLmNvbT4%3D%27,%0D%0A%27algnames%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%27AES%27%7D,%27keyHash%27%3A%27SHA-256%27%7D,%0D%0A%27algparams%27%3A%7B%27encryption%27%3A%7B%27data%27%3A%7B%27IV%27%3A%27gSFVkYOu1Y3UkMOIZWQXMQ%3D%3D%27%7D%7D%7D,%0D%0A%27keyserverhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27securereplyhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27openerhost%27%3A%27res%2Ecisco%2Ecom%3A443%27,%0D%0A%27toc%27%3A%5B%0D%0A%5B%27Body-1730113308129%2Etxt%27,1,%0D%0A%27%27,%0D%0A%27%27,%0D%0A13,%5B0,8415%5D,%27Body-1730113308129%2Etxt%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27image003%2Epng%27,2,%0D%0A%27%27,%0D%0A%27image003%2Epng%27,%0D%0A21,%5B8415,19175%5D,%27image003%2Epng%27,%0D%0A%27ISO-8859-1%27%5D,%0D%0A%5B%27MessageBar%2Ehtml%27,4,%0D%0A%27%27,%0D%0A%27%27,%0D%0A1,%5B27590,30890%5D,%27MessageBar%2Ehtml%27,%0D%0A%27ISO-8859-1%27%5D%0D%0A%5D,%0D%0A%27salt%27%3A%272pw3EGj9%2FtsABMAfwh2rJUEIde0%3D%27,%0D%0A%27data%27%3A%5B%0D%0A%27%27,%27tUsZ%2FH%2BJdTmbz4jzArkw%2FppPaVmS5HEV70bdWgYHbXZosCmVgAXddacI9N42JABOKX5jk3Kcmw812ymvXNEtZr9jT3eqUWzAt06N7CmGnHLQFEofzHke%2FCir8AYoVPmKAhXqPnDiaFzo8lt%2BsLhEzAeXJQgsdz5t78yamP8MNJSMM4PbLHDWDTstCEVFuNVP6GGwG%2FJDeMo3ePCHjgOwZ%2BwlzJ6V09qvIfMGLq2mGnBrtDgju8dXpnjkqC9ZB1RHEKLGw4jBfG3PR5%2FBzr0SK1q70pM6jCukP1JNnmEX0mzR08njV4nv9qmI8cQ7p72OS6pjks0te0QxEYz8AR8CwW6EtXAOxZq5BRaTy4y%2FwG80HNZiXrKEziGlnmxr52SJUMo4qqVzOsf3QAMrBDR5DLZTdembXWiSKM8Dgnyfc13VY7wW6xOin2vJMqvRdw136QC37CykLzJWWMv5piPaBFd81Ov1ys%2BHM1G0hU6lDJmoEflYlcnGu7ZqQ0cHARc0D1NDS%2FEdayuxSzcOHrQVtYDbvNNx9rR1dr5ZaWaAHeyuOCyv9lVoC0ZfStpfCf9M4ftuu6CIYh7vVNzf6JKib3AvEbN4xZx45wWTNdf3Gxipt5BqYXMJSFBuDTIIug4BlRkqZ2CEIFpPBLDpQkk9CrKXkffVsc2KEwNld1jdcwBI3rvOyeAlhm1KLVsqnVL9govSsOx03WSdbzbyvF2WzO0A97PM52VMR9JjBgxA4WSt1T24bWUQBiqlofX7W4yV3fvR2RrrbJvnqq2lMPoMnTL2taapQ1Qg72wQmcKf3P9ni%2FbboYFqqfScQmqnfGKLr81P%2B076WSKpoS2KtRvuDvr%2Fk8hwb0EB%2BqsmJUrxRbGa08R1XGra7v%2FX3eoO4OrtiQexV3h4HsU2OrvYorzfkyPjlMoodEVUotD6U3CMJ8Ngbt%2Fl1%2FhhgA5QgcZ5m1uHB9qZgTmrXpJw7fEwlW1%2FtaqAym063Dl3sXMtgL4aDSS8vqkbBidB3zgf5UvbOnKJjO7OllHjdjqbRuj7bdW3sNDGIKqnWCFYUjJPA9NYQVAElrYPWnfjFRoS3bgEcxO%2B5t62apUJ6F3jdl1W563zw7FnOPui5ye9xOebZbt6XrnInoxV9Rr66iilrK8P0yllQ7HIPNtBGDe5t%2FcKAaMRze9Aqajvyi9EPDAIa2YKNsPgkJGMxCssv%2FpI1Ls9IlDygR9HnBxoj1bE0Jst8ztPH99LOfHtBEcSoZRsJ33ARS5Dx4xwRRiHHJLneWg29OL9QXEGEFiNgf8KYeADzZDaWzkq3UjAkZxG8ifCwtqNoRiH1BwAppka62NhtzZ5q6MpIVtglGQiJiM%2FuwSNqOWe0QJpEhgDf2AZ%2FrDqWn8toEpAFtbQP0Q0itLB37Tkx7zsodNejhMflb0XQEStKf0fLsgV2MUcda52MpfJsUrDamaRoQ9wNK9fQzgL%2FsHGnNnHxqNXMZySJxwY0v56le%2BpieJZREaLfVhsEkcmD%2FvusRd%2BVsJxHcEE7XBSXnfNDtCUGs%2BYgLvqFRGXxhgWom8sfSKp0Z8anxlDs5J8ExhM4CFmENn%2Fwr9ePzCf2UeqYEBzSeYh6jZG8iVU7NOKeMglZf%2B5DAX8%2F7Q4cqfnDuob4c563PgfYhld8g5EZvfSDU0FsPqISDCndhKXotATNKq0CEtLqpDLROoTsAgufwMstTcGTH6%2BNdi4xEu0oWH%2BYm
Source: global traffic	HTTP traffic detected: GET /?button=google&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?button=ok&lp=en HTTP/1.1Host: res.cisco.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: linkprotect.cudasvc.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: res.cisco.com
Source: global traffic	DNS traffic detected: DNS query: static.cres-aws.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com

Source: chromecache_179.2.dr, chromecache_173.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?button=google&lp=en
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?button=ok&lp=en
Source: securedoc_20241028T070148.html	String found in binary or memory: http://res.cisco.com?lp=en
Source: chromecache_154.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterLightWeightSlant
Source: chromecache_182.2.dr	String found in binary or memory: http://scripts.sil.org/OFLInterSemiBoldWeightSlant
Source: chromecache_161.2.dr, chromecache_181.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlant
Source: chromecache_180.2.dr, chromecache_155.2.dr	String found in binary or memory: http://scripts.sil.org/OFLWeightSlantRegular
Source: chromecache_167.2.dr	String found in binary or memory: http://www.sharptype.co
Source: chromecache_167.2.dr	String found in binary or memory: http://www.sharptype.cohttp://www.sharptype.cohttp://www.sharptype.cohttp://www.sharptype.cohttp://w
Source: securedoc_20241028T070148.html	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Source: securedoc_20241028T070148.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/select2.min.css
Source: securedoc_20241028T070148.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/select2.min.js
Source: chromecache_151.2.dr, chromecache_174.2.dr, chromecache_157.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_182.2.dr, chromecache_154.2.dr	String found in binary or memory: https://github.com/rsms/inter)Inter
Source: chromecache_180.2.dr, chromecache_155.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterBold3.019;RSMS;Inter-BoldInter
Source: chromecache_161.2.dr, chromecache_181.2.dr	String found in binary or memory: https://github.com/rsms/inter)InterRegular3.019;RSMS;Inter-RegularInter
Source: chromecache_165.2.dr, chromecache_164.2.dr	String found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: chromecache_151.2.dr, chromecache_174.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_151.2.dr, chromecache_157.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f_l.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f_n.save&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2falgnames.encryption.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fd6.run&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdC.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdocument.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ff1.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fgM.nr&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fi18n.authframe.safr.button.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fi18n.authframe.safr.passphrase.more.info&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fiA.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fiB.name&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fih.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fil.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fm.data&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fopenerObj.run&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstatic.cres-aws.com%2fpostx.css&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ftext_i18n.authframe.safr.link.help&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fthis.save&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fthis.total&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwindow.open&c=E
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/custom.action?cmd=authFrame
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/images/loginbg.gif
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/images/pullFeature/arrowDown.svg
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com/websafe/logo/HZio7Pe9aCv75Ci5tcUaFOo3gwSwWH1fmVNz4z-FwW-EfOrJiAw6iFbvTh4IP35z7
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/envelopeopener/decrypt_envelope.jsp
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/keyserver/Logout
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/keyserver/keyserver
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=AddrNotShown
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=PPNotShown
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/help?topic=RegEnvelope
Source: securedoc_20241028T070148.html	String found in binary or memory: https://res.cisco.com:443/websafe/pswdForgot.action
Source: securedoc_20241028T070148.html	String found in binary or memory: https://static.cres-aws.com/CRES_login_bg.jpg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 56010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56039
Source: unknown	Network traffic detected: HTTP traffic on port 56159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56046
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 55945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 55922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56049
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56055
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56052
Source: unknown	Network traffic detected: HTTP traffic on port 55979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56053
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56054
Source: unknown	Network traffic detected: HTTP traffic on port 56113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56050
Source: unknown	Network traffic detected: HTTP traffic on port 56148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56059
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56067
Source: unknown	Network traffic detected: HTTP traffic on port 56158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56064
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56065
Source: unknown	Network traffic detected: HTTP traffic on port 56032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56061
Source: unknown	Network traffic detected: HTTP traffic on port 56147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56079
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56073
Source: unknown	Network traffic detected: HTTP traffic on port 56136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56070
Source: unknown	Network traffic detected: HTTP traffic on port 55946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56072
Source: unknown	Network traffic detected: HTTP traffic on port 56079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 56146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 56020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56119
Source: unknown	Network traffic detected: HTTP traffic on port 55955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56114
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56124
Source: unknown	Network traffic detected: HTTP traffic on port 55978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56120
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 55989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56127
Source: unknown	Network traffic detected: HTTP traffic on port 55912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56007
Source: unknown	Network traffic detected: HTTP traffic on port 56046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56133
Source: unknown	Network traffic detected: HTTP traffic on port 56134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56134
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56131
Source: unknown	Network traffic detected: HTTP traffic on port 55944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56019
Source: unknown	Network traffic detected: HTTP traffic on port 55934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56138
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56139
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56024
Source: unknown	Network traffic detected: HTTP traffic on port 56135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56145
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56146
Source: unknown	Network traffic detected: HTTP traffic on port 56112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56142
Source: unknown	Network traffic detected: HTTP traffic on port 56019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 56070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 56101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56148
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56149
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56155
Source: unknown	Network traffic detected: HTTP traffic on port 56157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56150
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56153
Source: unknown	Network traffic detected: HTTP traffic on port 56092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 55900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55909
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55903
Source: unknown	Network traffic detected: HTTP traffic on port 55965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55904
Source: unknown	Network traffic detected: HTTP traffic on port 55988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55901
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55919
Source: unknown	Network traffic detected: HTTP traffic on port 56088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55915
Source: unknown	Network traffic detected: HTTP traffic on port 56116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55910
Source: unknown	Network traffic detected: HTTP traffic on port 56151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55912
Source: unknown	Network traffic detected: HTTP traffic on port 55954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55929
Source: unknown	Network traffic detected: HTTP traffic on port 56012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55925
Source: unknown	Network traffic detected: HTTP traffic on port 56150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55923
Source: unknown	Network traffic detected: HTTP traffic on port 55930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55936
Source: unknown	Network traffic detected: HTTP traffic on port 55966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55931
Source: unknown	Network traffic detected: HTTP traffic on port 56139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55932
Source: unknown	Network traffic detected: HTTP traffic on port 55918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55934
Source: unknown	Network traffic detected: HTTP traffic on port 56023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55930
Source: unknown	Network traffic detected: HTTP traffic on port 55892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 56054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56087
Source: unknown	Network traffic detected: HTTP traffic on port 56114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56080
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56081
Source: unknown	Network traffic detected: HTTP traffic on port 56126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56083
Source: unknown	Network traffic detected: HTTP traffic on port 55941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56096
Source: unknown	Network traffic detected: HTTP traffic on port 56000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56094
Source: unknown	Network traffic detected: HTTP traffic on port 56077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56090
Source: unknown	Network traffic detected: HTTP traffic on port 56115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55987
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55982
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55984
Source: unknown	Network traffic detected: HTTP traffic on port 56027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55985
Source: unknown	Network traffic detected: HTTP traffic on port 56062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55992
Source: unknown	Network traffic detected: HTTP traffic on port 55997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55993
Source: unknown	Network traffic detected: HTTP traffic on port 55916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55996
Source: unknown	Network traffic detected: HTTP traffic on port 55927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55889
Source: unknown	Network traffic detected: HTTP traffic on port 55915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55891
Source: unknown	Network traffic detected: HTTP traffic on port 56026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55892
Source: unknown	Network traffic detected: HTTP traffic on port 56003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55893
Source: unknown	Network traffic detected: HTTP traffic on port 56131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55899
Source: unknown	Network traffic detected: HTTP traffic on port 56153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55897
Source: unknown	Network traffic detected: HTTP traffic on port 56108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55946
Source: unknown	Network traffic detected: HTTP traffic on port 55984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55947
Source: unknown	Network traffic detected: HTTP traffic on port 56117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55942
Source: unknown	Network traffic detected: HTTP traffic on port 56152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55945
Source: unknown	Network traffic detected: HTTP traffic on port 55917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55941
Source: unknown	Network traffic detected: HTTP traffic on port 55949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55959
Source: unknown	Network traffic detected: HTTP traffic on port 56141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55956
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55952
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55965
Source: unknown	Network traffic detected: HTTP traffic on port 55896 -> 443

Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:55889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:55891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56107 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:56109 version: TLS 1.2

Source: classification engine

Classification label: mal60.phis.winHTML@30/58@26/14

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\securedoc_20241028T070148.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2036,i,11714635817237412283,15918365930633884916,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2036,i,11714635817237412283,15918365930633884916,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Persistence and Installation Behavior

AI detected suspicious URL

Source: Email

JoeBoxAI: AI detected suspicious URL: URL: securedoc_20241028T070148.html

Stealing of Sensitive Information

HTML file submission containing password form

Source: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

HTTP Parser: file:///C:/Users/user/Desktop/securedoc_20241028T070148.html

ID:	1544570
Product:	CloudBasic
Start time:	15:35:17
Start date:	29.10.2024
Sample:	securedoc_20241028T070148.html
Cookbook:	defaultwindowshtmlcookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	9e93604383164526770aee82ad13135b
SHA1:	c192c3527a34007697656f22b80e22e603eb2718
SHA256:	9f641a058fd60b589f3055e890021bc04683aa99e586372b38b16a32131166fe
Filetype:	Scalable Vector Graphics (18501/1) 24.18%

Windows Analysis Report
securedoc_20241028T070148.html

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Stealing of Sensitive Information

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report securedoc_20241028T070148.html

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Stealing of Sensitive Information

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
securedoc_20241028T070148.html