Windows Analysis Report
https://www.google.com/url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c%26v%3D1&sa=D&source=calendar&usg=AOvVaw0T2-fu4h5tPwbdCU2y2lCO

Overview

General Information

Sample URL:	https://www.google.com/url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f851
Analysis ID:	1546432
Infos:

Detection

Score:	4
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Drops PE files

Drops files with a non-matching file extension (content does not match file extension)

PE file contains an invalid checksum

PE file contains sections with non-standard names

PE file does not import any functions

PE file overlay found

Classification

Signatures

Source: Unconfirmed 28383.crdownload.0.dr

Binary or memory string: -----BEGIN PUBLIC KEY-----

memstr_ca8a5813-e

Source: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1	HTTP Parser: No favicon
Source: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1#success	HTTP Parser: No favicon
Source: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1#success	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:62067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:58069 version: TLS 1.2

Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr
Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb~~ source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:62034 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:58010 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c%26v%3D1&sa=D&source=calendar&usg=AOvVaw0T2-fu4h5tPwbdCU2y2lCO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1 HTTP/1.1Host: applications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /addon/images/zoom_logo_invitation.png HTTP/1.1Host: aw1vaapplications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: applications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=188pcXoTbFZfhYGy3acPD0GGEjwBzJ0fUXFxwNtGLII-1730408745-1.0.1.1-VKO4M_y_kLAhCLuCO.Un6c8yt8fbQCrO8FIFkLybgRdGsvVqdV5epEDNQGqn3kBR8r.ZPITydAkARGsjlyUVTg
Source: global traffic	HTTP traffic detected: GET /addon/images/zoom_logo_invitation.png HTTP/1.1Host: aw1vaapplications.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: applications.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=188pcXoTbFZfhYGy3acPD0GGEjwBzJ0fUXFxwNtGLII-1730408745-1.0.1.1-VKO4M_y_kLAhCLuCO.Un6c8yt8fbQCrO8FIFkLybgRdGsvVqdV5epEDNQGqn3kBR8r.ZPITydAkARGsjlyUVTg
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1 HTTP/1.1Host: rfpio.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/chat-client.js HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /fe-static/launch-meeting/meeting.537a440d01fe8a0940ee.js HTTP/1.1Host: st1.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/chat-client.js HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /fe-static/launch-meeting/meeting.537a440d01fe8a0940ee.js HTTP/1.1Host: st1.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/6.3.27088/js/lib/fingerprintjs-3.3.3.min.js HTTP/1.1Host: st3.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/cross-storage.html HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /launch/download/EUBUG9a4YInJjuEawaU7gRGITvjVQrwFY-7Sq9Y908TB1ABP5cCl9ajHhnlBhkQdq2dLv9nbDbT4mkINcd3LDApiaB-WsKdMZ7hN5VQT7NpeCsUD4tPzwsfNpGn5vbMs8hc1q7WbKOmSxpP8U0ZjTZ93s7sjsPemi3s4qFLJmgfK1FUyW-tBoYLups4dOmNkozVn-_MK3GksxpnAbZanjIGiV-FgA5DEyNYn_Fq2CAmfxITjdbI0x_GLF3k0T3pYnwmOCcJqprerLbdhI9tXG7wJhSZzwChILrEe4r8TcG1rcDtpKsiOURVvogTmlUF3w024qB9wDW0l1j3rQ-20sP8DGDvW_uMOh_JPtfAHwb626k9s3mwAJdgn-quccaE61sH6jEZm4muuddOIeJhwEWgvhiP-uMar-snwOnu-XMqfRq6GXBbxVjDS3rAk9GzwKuQ6DFk6wUr1Z11KBycuJB73OjV2zeaOpfgWJ4mzk0VHsnmQIQVulwFlRBefl8lrTE7urkwgjAbza5f_5bAXqZCmGGFNrmTjHEXgexK54FbTEwm5qZUARQOlBpVwMCgHJD2HYg_P9GeYVMwM-XVbh5IrpKTc5BvK5OSDkSn-SlySWphkw2l4fdM4lYy5Db7E2bMEulLns0M65rdE7yDrjdPMi0if.MhfG48I3Nqkt79RD/meeting/ev6tyWlgJK1_8zi6Yjqn_CGkPpj3LlO0iDTx.rKuDqjttns0D1uIh/Zoom_launcher.exe HTTP/1.1Host: rfpio.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; cred=B0324C891E33A54647F8863529588FF0; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/6.3.27088/js/lib/fingerprintjs-3.3.3.min.js HTTP/1.1Host: st3.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/b0bfa2ae-4058-4aef-8632-a5281ce4464a.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/web-campaign.js?env=us01&apikey=AM_FKF55QOG_vdWum455Vg&lazyLoadCampaignUrl=_blank HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rfpio.zoom.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/b0bfa2ae-4058-4aef-8632-a5281ce4464a.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/web-campaign.js?env=us01&apikey=AM_FKF55QOG_vdWum455Vg&lazyLoadCampaignUrl=_blank HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/018e6326-944c-770b-9e87-74eaf48b0e06/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otFloatingFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/018e6326-944c-770b-9e87-74eaf48b0e06/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otFloatingFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97; OnetrustActiveGroups=C0004C0003C0002C0001; OptanonAlertBoxClosed=2024-10-31T21:06:37.026Z; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Oct+31+2024+17%3A06%3A37+GMT-0400+(Eastern+Daylight+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=5b9744da-1d71-494e-9e3b-ff870b09b3ed&interactionCount=2&landingPath=NotLandingPage&groups=C0004%3A1%2CC0003%3A1%2CC0002%3A1%2CC0001%3A1
Source: global traffic	HTTP traffic detected: GET /request/v1/consentreceipts HTTP/1.1Host: zoom-privacy.my.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97; OnetrustActiveGroups=C0004C0003C0002C0001; OptanonAlertBoxClosed=2024-10-31T21:06:37.026Z; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Oct+31+2024+17%3A06%3A37+GMT-0400+(Eastern+Daylight+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=5b9744da-1d71-494e-9e3b-ff870b09b3ed&interactionCount=2&landingPath=NotLandingPage&groups=C0004%3A1%2CC0003%3A1%2CC0002%3A1%2CC0001%3A1
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: applications.zoom.us
Source: global traffic	DNS traffic detected: DNS query: aw1vaapplications.zoom.us
Source: global traffic	DNS traffic detected: DNS query: rfpio.zoom.us
Source: global traffic	DNS traffic detected: DNS query: st1.zoom.us
Source: global traffic	DNS traffic detected: DNS query: us01ccistatic.zoom.us
Source: global traffic	DNS traffic detected: DNS query: log-gateway.zoom.us
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: st3.zoom.us
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: zoom-privacy.my.onetrust.com

Source: unknown

HTTP traffic detected: POST /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveContent-Length: 326sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://rfpio.zoom.usSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0K
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crt0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crl0S
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crl0
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/timezone/docs/#/data-loading/.
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0I
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: sets.json.0.dr	String found in binary or memory: https://07c225f3.online
Source: sets.json.0.dr	String found in binary or memory: https://24.hu
Source: sets.json.0.dr	String found in binary or memory: https://aajtak.in
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: sets.json.0.dr	String found in binary or memory: https://ambitionbox.com
Source: chromecache_145.2.dr	String found in binary or memory: https://applications.zoom.us/addon/invitation/detail?meetingUuid
Source: chromecache_145.2.dr	String found in binary or memory: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&am
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: chromecache_155.2.dr	String found in binary or memory: https://aw1vaapplications.zoom.us/addon/images/zoom_logo_invitation.png
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://businesstoday.in
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://campaign.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://campaign.zoomgovdev.com/
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cci.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cci.zoomgovdev.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cciapi.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cciapi.zoomgovdev.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccistatic.zoomgov.com/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccistatic.zoomgovdev.com/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccizpapi.zoomdev.us/
Source: sets.json.0.dr	String found in binary or memory: https://chatbot.com
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://citybibleforum.org
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://closeronline.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://cognitive-ai.ru
Source: sets.json.0.dr	String found in binary or memory: https://cognitiveai.ru
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://content-loader.com
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: sets.json.0.dr	String found in binary or memory: https://css-load.com
Source: sets.json.0.dr	String found in binary or memory: https://deccoria.pl
Source: sets.json.0.dr	String found in binary or memory: https://deere.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev-zcb.zoomdev.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01apizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01campaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01cci.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01cciapi.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devapizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcampaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devccistatic.zoomdev.us/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcolo.zoomdev.us
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloapizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcolocampaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloccizpapi.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://developers.google.com/web/updates/2017/01/scrolling-intervention
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devlog-gateway.zoomdev.us/nws/join/logger/zccfelog
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devoci-cdn-cci.zoomdev.us/n/idkx1lfgxgf7/b/dev-zcx/o/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://drimer.io
Source: sets.json.0.dr	String found in binary or memory: https://drimer.travel
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01ccistatic.zoom.us/eu01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: chromecache_153.2.dr	String found in binary or memory: https://explore.zoom.us/en/cookie-policy/
Source: chromecache_161.2.dr, chromecache_153.2.dr	String found in binary or memory: https://explore.zoom.us/en/privacy/
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: https://fingerprintjs.com)
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/getting-started/message-distribution
Source: chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/react-intl#runtime-requirements
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/react-intl/api#intlshape
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/babel-plugin)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/linter#enforce-id)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/ts-transformer)
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://geforcenow.com
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/formatjs/formatjs/issues/1914
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: https://github.com/karanlyons/murmurHash3.js)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/pmndrs/zustand/discussions/1937
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/unjs/consola?tab=readme-ov-file#log-level
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.38.1/LICENSE
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://gnttv.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://go-zcb.zoom.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://goapizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocampaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://goccistatic.zoom.us/gocci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://graziadaily.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hazipatika.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://heatworld.com
Source: sets.json.0.dr	String found in binary or memory: https://helpdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://html-load.cc
Source: sets.json.0.dr	String found in binary or memory: https://html-load.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: sets.json.0.dr	String found in binary or memory: https://img-load.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatoday.in
Source: sets.json.0.dr	String found in binary or memory: https://indiatodayne.in
Source: sets.json.0.dr	String found in binary or memory: https://infoedgeindia.com
Source: sets.json.0.dr	String found in binary or memory: https://interia.pl
Source: sets.json.0.dr	String found in binary or memory: https://intoday.in
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: sets.json.0.dr	String found in binary or memory: https://johndeere.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: sets.json.0.dr	String found in binary or memory: https://knowledgebase.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livechat.com
Source: sets.json.0.dr	String found in binary or memory: https://livechatinc.com
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://log-gateway.zoom.us/nws/join/logger/zccfelog
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: sets.json.0.dr	String found in binary or memory: https://meo.pt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://momentjs.com/timezone/docs/#/use-it/browser/
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://motherandbaby.com
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://naukri.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://nlc.hu
Source: sets.json.0.dr	String found in binary or memory: https://nosalty.hu
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://nvidia.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: sets.json.0.dr	String found in binary or memory: https://p106.net
Source: sets.json.0.dr	String found in binary or memory: https://p24.hu
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://pomponik.pl
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01apizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01campaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01ccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01ccizpapi.zoomdev.us/
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: chromecache_155.2.dr	String found in binary or memory: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1
Source: chromecache_155.2.dr	String found in binary or memory: https://rfpio.zoom.us/u/aoP8jw8Ar
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01ccistatic.zoom.us/sa01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://sackrace.ai
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: sets.json.0.dr	String found in binary or memory: https://sapo.io
Source: sets.json.0.dr	String found in binary or memory: https://sapo.pt
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://scheduler.acqa.zoomdev.us
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://scheduler.zoom.us
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: sets.json.0.dr	String found in binary or memory: https://smaker.pl
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://smpn106jkt.sch.id
Source: sets.json.0.dr	String found in binary or memory: https://socket-to-me.vip
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startlap.hu
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/de/articles/201362023-System-Requirements
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362003-Zoom-Video-Communications-Technical-Support
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362003-Zoom-Video-Communications-Technical-Supportopens
Source: chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/es/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/fr/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/pt-br/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/ru/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/zh-cn/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/zh-tw/articles/201362023-System-Requirements
Source: sets.json.0.dr	String found in binary or memory: https://takeabreak.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: sets.json.0.dr	String found in binary or memory: https://terazgotuje.pl
Source: sets.json.0.dr	String found in binary or memory: https://text.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://the42.ie
Source: sets.json.0.dr	String found in binary or memory: https://thejournal.ie
Source: sets.json.0.dr	String found in binary or memory: https://thirdspace.org.au
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.app
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.com
Source: sets.json.0.dr	String found in binary or memory: https://top.pl
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01-zcb.zoom.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01ccistatic-cf.zoom.us/us01cci/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01ccistatic.zoom.us/us01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://yours.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zcb.zoomdev.us/static/resource/cci/
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zoom.com
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.com.cn/
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zoom.us
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.us/
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.us/https://zoom.com/https://zoom.com.cn/https://zoomgov.com/://https:///
Source: chromecache_129.2.dr	String found in binary or memory: https://zoom.us/phonesystem
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoomgov.com/

Source: unknown	Network traffic detected: HTTP traffic on port 58054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 58077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 58111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58103
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 62092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 62046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58109
Source: unknown	Network traffic detected: HTTP traffic on port 62103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58106
Source: unknown	Network traffic detected: HTTP traffic on port 62081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58112
Source: unknown	Network traffic detected: HTTP traffic on port 58065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58114
Source: unknown	Network traffic detected: HTTP traffic on port 58122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58110
Source: unknown	Network traffic detected: HTTP traffic on port 62057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58123
Source: unknown	Network traffic detected: HTTP traffic on port 58020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58120
Source: unknown	Network traffic detected: HTTP traffic on port 58089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58121
Source: unknown	Network traffic detected: HTTP traffic on port 58078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58014
Source: unknown	Network traffic detected: HTTP traffic on port 58042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58013
Source: unknown	Network traffic detected: HTTP traffic on port 58090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58011
Source: unknown	Network traffic detected: HTTP traffic on port 62093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 58063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 62066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58069
Source: unknown	Network traffic detected: HTTP traffic on port 58125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58068
Source: unknown	Network traffic detected: HTTP traffic on port 58068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58066
Source: unknown	Network traffic detected: HTTP traffic on port 58102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58062
Source: unknown	Network traffic detected: HTTP traffic on port 58045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58079
Source: unknown	Network traffic detected: HTTP traffic on port 62043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58074
Source: unknown	Network traffic detected: HTTP traffic on port 58086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58073
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58070
Source: unknown	Network traffic detected: HTTP traffic on port 58113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58080
Source: unknown	Network traffic detected: HTTP traffic on port 62105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62108
Source: unknown	Network traffic detected: HTTP traffic on port 58124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62109
Source: unknown	Network traffic detected: HTTP traffic on port 58067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58096
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62103
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62105
Source: unknown	Network traffic detected: HTTP traffic on port 62076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58020
Source: unknown	Network traffic detected: HTTP traffic on port 58087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58022
Source: unknown	Network traffic detected: HTTP traffic on port 62056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58028
Source: unknown	Network traffic detected: HTTP traffic on port 62088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58030
Source: unknown	Network traffic detected: HTTP traffic on port 58044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58047
Source: unknown	Network traffic detected: HTTP traffic on port 58066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58040
Source: unknown	Network traffic detected: HTTP traffic on port 62077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58059
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58053
Source: unknown	Network traffic detected: HTTP traffic on port 58088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58055
Source: unknown	Network traffic detected: HTTP traffic on port 58103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58051
Source: unknown	Network traffic detected: HTTP traffic on port 62055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62040
Source: unknown	Network traffic detected: HTTP traffic on port 62108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62042
Source: unknown	Network traffic detected: HTTP traffic on port 62086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62039
Source: unknown	Network traffic detected: HTTP traffic on port 58060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62050
Source: unknown	Network traffic detected: HTTP traffic on port 58116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62053
Source: unknown	Network traffic detected: HTTP traffic on port 58072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62043
Source: unknown	Network traffic detected: HTTP traffic on port 58048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62048
Source: unknown	Network traffic detected: HTTP traffic on port 62074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62049
Source: unknown	Network traffic detected: HTTP traffic on port 62051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62064
Source: unknown	Network traffic detected: HTTP traffic on port 58014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62055
Source: unknown	Network traffic detected: HTTP traffic on port 58047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62059
Source: unknown	Network traffic detected: HTTP traffic on port 62098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62075
Source: unknown	Network traffic detected: HTTP traffic on port 58036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62067
Source: unknown	Network traffic detected: HTTP traffic on port 58084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62069
Source: unknown	Network traffic detected: HTTP traffic on port 58025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62112
Source: unknown	Network traffic detected: HTTP traffic on port 58118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62081
Source: unknown	Network traffic detected: HTTP traffic on port 62110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62086
Source: unknown	Network traffic detected: HTTP traffic on port 62082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62078
Source: unknown	Network traffic detected: HTTP traffic on port 58049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62079
Source: unknown	Network traffic detected: HTTP traffic on port 62073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62094
Source: unknown	Network traffic detected: HTTP traffic on port 62050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62096
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62097
Source: unknown	Network traffic detected: HTTP traffic on port 58038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62087
Source: unknown	Network traffic detected: HTTP traffic on port 58061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62089
Source: unknown	Network traffic detected: HTTP traffic on port 58082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62099
Source: unknown	Network traffic detected: HTTP traffic on port 62094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62072 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:62067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:58069 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_2908_2139363253

Jump to behavior

PE file does not import any functions

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: No import functions for PE file found

PE file overlay found

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: Data appended to the last section found

Source: classification engine

Classification label: clean4.win@28/58@40/19

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\Downloads\12ff91c6-4bc3-464a-b924-5c44a704daed.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.com/url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c%26v%3D1&sa=D&source=calendar&usg=AOvVaw0T2-fu4h5tPwbdCU2y2lCO"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr
Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb~~ source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

PE file contains an invalid checksum

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: real checksum: 0x31176 should be: 0x11b73

PE file contains sections with non-standard names

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr	Static PE information: section name: .didat
Source: Unconfirmed 28383.crdownload.0.dr	Static PE information: section name: .didat
Source: chromecache_156.2.dr	Static PE information: section name: .didat

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 28383.crdownload	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\12ff91c6-4bc3-464a-b924-5c44a704daed.tmp	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156	Jump to dropped file

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156			Jump to dropped file

Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

Binary or memory string: {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}{9BE518E6-ECC6-35A9-88E4-87755C07200F}{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}{9A25302D-30C0-39D9-BD6F-21E6EC160475}{A09D5493-0D9F-3211-B3BF-DD7ABBB318C1}{F2E0402D-AA60-32E3-8480-39AD5CE79DF2}{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}{09298F26-A95C-31E2-9D95-2C60F586F075}{31B44A9A-7CFE-3039-AEAE-A664F3C5F7BD}{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}{9B775AA1-7B10-379A-9B16-7E373790568C}{DCB46B42-723F-350E-B18A-449BC6C21636}{09C0A8D5-EEC1-369D-8C7A-2E2DD17DCA5E}{86CE1746-9EFF-3C9C-8755-81EA8903AC34}{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}{820B6609-4C97-3A2B-B644-573B06A0F0CC}{6AFCA4E1-9B78-3640-8F72-A7BF33448200}{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}{402ED4A1-8F5B-387A-8688-997ABF58B8F2}{887868A2-D6DE-3255-AA92-AA0B5A59B874}{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}{57660847-B1F7-35BD-9118-F62EB863A598}SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\winsxs\x86_microsoft.vc90.crt_*Software\Microsoft\Windows\CurrentVersion\Internet SettingsSecureProtocols0x-Zoom_Opener_WndPropThis0%% (Error Code: )MESSAGEWNDOBJChangeWindowMessageFilteruser32.dllGrabFocusWindowZoom_Opener_WndPropHandlerZoom_Opener_WndPropHandlerOwnerSTATICSegoe UIArialbuttonWininet.dllInternetCloseHandleInternetCrackUrlAInternetOpenAInternetConnectAInternetSetOptionAInternetQueryOptionAHttpOpenRequestAHttpAddRequestHeadersAHttpSendRequestAInternetErrorDlgHttpQueryInfoAInternetReadFileInternetTimeToSystemTimeADownload-rootCurrent-versionInstaller-namePackage-namePackage-urlInstaller.exeZoomRemoteControl.msiZoom.msivcredist_x86.exe/winhttp.dllwinhttp.dllfile://Zoom.Opener.Win 1.0InternetOpen API failed, error code: InternetConnect API failed, error code: CreateFile API failed, error code: GETPOSTHTTP/1.1HttpOpenRequest API failed, error code: %dHttpSendRequest API failed1, error code: HttpSendRequest API failed, error code: [req_state_read_status_code] zHttpQueryInfo complete, status:[read_response_file] Status Code:, content length: , total read: , error code: [read_response_content] API call zHttpQueryInfo failed, error: [log_response_content] cannot alloc buff, content leng: , Status code: [log_response_content] Content length (1048576 as unknown): , Total read: , Error No: [log_response_content] header:[process_requst] start, url:[process_requst] End for url:, return code:, Error:, Response content size:debug.logGlobal\.\debug.log[:] ***NULL-POINTER-PLACEHOLDER*** Fatal Error, __PrepareLogContent failed, log size:Zoom Video Communications, Inc.Entrust Root Certification AuthorityDigiCerthttp:https:mailto:Shell_TrayWndADVAPI32.dllCreateProcessWithTokenWopenProcessIdToSessionIdKernel32.dllexplorer.exe

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
170.114.65.137	unknown	United States	22347	DORSEY-WHITNEYUS	false
170.114.65.138	edge-log-gateway-web-2f8111e8e5387748.elb.us-east-1.amazonaws.com	United States	22347	DORSEY-WHITNEYUS	false
104.18.32.137	zoom-privacy.my.onetrust.com	United States	13335	CLOUDFLARENETUS	false
52.84.151.54	unknown	United States	16509	AMAZON-02US	false
170.114.52.74	applications.zoom.us	United States	22347	DORSEY-WHITNEYUS	false
104.18.87.42	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
170.114.52.2	www.zoom.us	United States	22347	DORSEY-WHITNEYUS	false
172.64.155.119	unknown	United States	13335	CLOUDFLARENETUS	false
52.84.151.49	us01ccistatic.zoom.us	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
170.114.46.1	unknown	United States	22347	DORSEY-WHITNEYUS	false
170.114.12.132	aw1vaapplications.zoom.us	United States	22347	DORSEY-WHITNEYUS	false
170.114.45.1	st1.zoom.us	United States	22347	DORSEY-WHITNEYUS	false
142.250.186.100	www.google.com	United States	15169	GOOGLEUS	false
170.114.12.133	unknown	United States	22347	DORSEY-WHITNEYUS	false
104.18.86.42	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.7
192.168.2.4
192.168.2.6

Contacted Domains

Name	IP	Active
us01ccistatic.zoom.us	52.84.151.49	true
applications.zoom.us	170.114.52.74	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
www.zoom.us	170.114.52.2	true
zoom-privacy.my.onetrust.com	104.18.32.137	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
aw1vaapplications.zoom.us	170.114.12.132	true
edge-log-gateway-web-2f8111e8e5387748.elb.us-east-1.amazonaws.com	170.114.65.138	true
st1.zoom.us	170.114.45.1	true
www.google.com	142.250.186.100	true
cdn.cookielaw.org	104.18.87.42	true
geolocation.onetrust.com	104.18.32.137	true
windowsupdatebg.s.llnwi.net	178.79.238.128	true
log-gateway.zoom.us	unknown	unknown
st3.zoom.us	unknown	unknown
rfpio.zoom.us	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://zoom-privacy.my.onetrust.com/request/v1/consentreceipts	false		unknown
https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js	false		unknown
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	false	URL Reputation: safe	unknown
https://us01ccistatic.zoom.us/us01cci/web-sdk/web-campaign.js?env=us01&apikey=AM_FKF55QOG_vdWum455Vg&lazyLoadCampaignUrl=_blank	false		unknown
https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\Downloads\12ff91c6-4bc3-464a-b924-5c44a704daed.tmp	PE32 executable (GUI) Intel 80386, for MS Windows	10BD8F003831DA987825606CA155386C	5702B054749C04D3B73F4FA48B93FF9954070EF2	816E589ED39755F1F56BF15D9D1D054FA7327DD37BC5C8A59E176A90F9A7352E
C:\Users\user\Downloads\Unconfirmed 28383.crdownload	PE32 executable (GUI) Intel 80386, for MS Windows	BC48CB98D8F2DACCA97A2EB72F4275CB	CD3DD263FC37C8C7BEB1393A654B400F2F531F1C	C18FB46AFA17AD8578D1EDD4AA6A89B42F381CA7998A4E5A096643E0F2721C49
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\LICENSE	ASCII text	EE002CB9E51BB8DFA89640A406A1090A	49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2	3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\_metadata\verified_contents.json	JSON data	68E6B5733E04AB7BF19699A84D8ABBC2	1C11F06CA1AD3ED8116D356AB9164FD1D52B5CF0	F095F969D6711F53F97747371C83D5D634EAEF21C54CB1A6A1CC5B816D633709
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.fingerprint	ASCII text, with no line terminators	CFB54589424206D0AE6437B5673F498D	D1EF6314F0F68EFDD0BA8F6CA9E59BFF863B1609	285AC183C35350B4B77332172413902F83726CA8F53D63859B5DA082FD425A1C
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.json	JSON data	C3419069A1C30140B77045ABA38F12CF	11920F0C1E55CADC7D2893D1EEBB268B3459762A	DB9A702209807BA039871E542E8356219F342A8D9C9CA34BCD9A86727F4A3A0F
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\sets.json	JSON data	EEA4913A6625BEB838B3E4E79999B627	1B4966850F1B117041407413B70BFA925FD83703	20EF4DE871ECE3C5F14867C4AE8465999C7A2CC1633525E752320E61F78A373C
Chrome Cache Entry: 129	ASCII text, with very long lines (65450)	1CF2B03E488CB83DAE667742F9564CFC	4FA83CEE087A6DA7146C73AB00CF057FBC1C9150	5E17BD1E5CCA660A64295DD219D1401D38FFDA750C46D1F6E996654F2C3BCEA8
Chrome Cache Entry: 130	Unicode text, UTF-8 text, with very long lines (17898)	B3A1FB32849FFC57BA30D6CB33F1DA16	9E8E0214BB3462BECB7202EE2DECCC6347097210	7B86166BA11B05811DA975EF9D76CEE6C634615B8149465C54A0E13284E9429D
Chrome Cache Entry: 131	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	96990DB652AE46B73E46BAA7B314B447	0782B2596100DD393BF96475EA533F9F6F0305E1	4C1DD4DC46D1B7C6AEE2F25D8977733670F80920180C220AC04440958120CEB0
Chrome Cache Entry: 132	ASCII text, with very long lines (65536), with no line terminators	4D4AB36FF07E4CA64F10BAE4D9BA2265	5ABD840079D6B68564B452ECFBDBCD9A934D75E8	44DAA3C51B5C7FC1A6AA8B545B595A659F801410B8726A21103DBEDD23036E05
Chrome Cache Entry: 133	JSON data	24AA23F9E7A252818A64E7A50E7E8E4D	16E43A853FE019F5AAE249E0CC7F5A8DA3F084A5	584F895BB024B067B440328E4D92BB57ED91C91FCCFDD464D20B078D5E6E2F7C
Chrome Cache Entry: 134	JSON data	A20F61BBF661147FA65EC1ABF4093AED	C7306A9A3F8224E2E564FD170242E4B26BBA7047	EFA3DA3BC784514C792213E4B3C842CF4DA752C0EC3EF14F4592A6A849DBEFCA
Chrome Cache Entry: 135	ASCII text, with very long lines (22445)	ECCC5D2CDD3EB68851E379F6375456A5	5DD0EA3388B103A873280C0C9EFABC917F320D9A	7358C5616F671017F307D161644D253F0F81083B0BE68F3A3FEFEFA33B59DE5D
Chrome Cache Entry: 136	Unicode text, UTF-8 text, with very long lines (17898)	B3A1FB32849FFC57BA30D6CB33F1DA16	9E8E0214BB3462BECB7202EE2DECCC6347097210	7B86166BA11B05811DA975EF9D76CEE6C634615B8149465C54A0E13284E9429D
Chrome Cache Entry: 137	ASCII text, with very long lines (1114)	BA556ADD21CCEC3864F53D38A8B34406	C48EA7B8E9355A377A310B899FC81646BBB5A947	5A9B9D3534EB28502397F917FC918B27F8443E49890C5C3823A66C51CE361B2A
Chrome Cache Entry: 138	ASCII text, with no line terminators	806699ED4BB65178112F5BAD2242C52D	F44771599DB97A9EA255845DC886AE69EC293024	6595E4AA67EA4D50268F53193CBE84B2201B3130DC15F690165007BDB829E068
Chrome Cache Entry: 139	ASCII text, with very long lines (20654), with no line terminators	314BB87330075C25B1DCEFD20E7726E4	C47E626B3D4453BB9685EB2585E04E39EBF239DC	F761CBBCF81784496A5CF4E5D66D5C0F79389D2B4FFA678B37CA52E9AA792205
Chrome Cache Entry: 140	JSON data	24AA23F9E7A252818A64E7A50E7E8E4D	16E43A853FE019F5AAE249E0CC7F5A8DA3F084A5	584F895BB024B067B440328E4D92BB57ED91C91FCCFDD464D20B078D5E6E2F7C
Chrome Cache Entry: 141	ASCII text, with very long lines (65536), with no line terminators	4D4AB36FF07E4CA64F10BAE4D9BA2265	5ABD840079D6B68564B452ECFBDBCD9A934D75E8	44DAA3C51B5C7FC1A6AA8B545B595A659F801410B8726A21103DBEDD23036E05
Chrome Cache Entry: 142	JSON data	E884507A36BDEBA9A245E867A54FEBFF	5D660C50493724B6A925E3D54A7C6F979EDA5FCF	9C96AA15E686AC1FCC49A6751EFAB3E34AA992E26FF11F76A78563B79D268071
Chrome Cache Entry: 143	ASCII text, with very long lines (65450)	1CF2B03E488CB83DAE667742F9564CFC	4FA83CEE087A6DA7146C73AB00CF057FBC1C9150	5E17BD1E5CCA660A64295DD219D1401D38FFDA750C46D1F6E996654F2C3BCEA8
Chrome Cache Entry: 144	JSON data	990FF8ED62A80EB7A80590B866F8D5E6	5FF89EA7B63348360764A10B02AAE576E083F995	29A93D731434E92CD8081BB2AF123C2CEA435D7893245A04134D7FBF713518F9
Chrome Cache Entry: 145	HTML document, ASCII text, with CRLF, LF line terminators	1E45F6AE2D452491D23C8A08C1270DFC	350D8C562B77A8618262B12775DF81ECCF83D29E	29D81E3BB8CA115A8CC0EFA60E433EFB94167CECA60E1EB7C50254690147D556
Chrome Cache Entry: 146	HTML document, ASCII text, with very long lines (5171)	13F90B65BE965D766573FFE09599427C	8855A8D0BE7ADA359A94099AD0A15B0EC727C37F	BE256C4C090BC3A58F6A93A2E87485E33D21C494ED2FA4FFA606A37678F3AAD2
Chrome Cache Entry: 147	Unicode text, UTF-8 text, with very long lines (31575)	EE6E48B4073D72AE88A31205FBBC3CA7	ADE6A96848805A36D898D53E90804E75D86CC8BE	781331C091B62243CA57852A71DB442D0B37E50BB41114407C01E5A535516C50
Chrome Cache Entry: 148	Unicode text, UTF-8 text, with very long lines (31575)	EE6E48B4073D72AE88A31205FBBC3CA7	ADE6A96848805A36D898D53E90804E75D86CC8BE	781331C091B62243CA57852A71DB442D0B37E50BB41114407C01E5A535516C50
Chrome Cache Entry: 149	ASCII text, with very long lines (1114)	BA556ADD21CCEC3864F53D38A8B34406	C48EA7B8E9355A377A310B899FC81646BBB5A947	5A9B9D3534EB28502397F917FC918B27F8443E49890C5C3823A66C51CE361B2A
Chrome Cache Entry: 150	JSON data	D3D8776D6DEFD4813DDC77A54C675119	71BAE54817E9833B2C0F3DB65582EE8F720EFD0E	35027EC74B0293EDF7C6037A12E28452CFE4D3D959C4807900884B7A9C5A0CAA
Chrome Cache Entry: 151	ASCII text, with very long lines (22445)	ECCC5D2CDD3EB68851E379F6375456A5	5DD0EA3388B103A873280C0C9EFABC917F320D9A	7358C5616F671017F307D161644D253F0F81083B0BE68F3A3FEFEFA33B59DE5D
Chrome Cache Entry: 152	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	96990DB652AE46B73E46BAA7B314B447	0782B2596100DD393BF96475EA533F9F6F0305E1	4C1DD4DC46D1B7C6AEE2F25D8977733670F80920180C220AC04440958120CEB0
Chrome Cache Entry: 153	JSON data	6813DDCA08CDCDD0F50201590A920628	9A97EF9C1CC9BDAFA2841FC3F003F7DA2FD2B429	5C9C4E891C365AB6CADE570A820F31546A14D55E2507E93AEE90D3D30E37C46D
Chrome Cache Entry: 154	ASCII text, with very long lines (20654), with no line terminators	314BB87330075C25B1DCEFD20E7726E4	C47E626B3D4453BB9685EB2585E04E39EBF239DC	F761CBBCF81784496A5CF4E5D66D5C0F79389D2B4FFA678B37CA52E9AA792205
Chrome Cache Entry: 155	HTML document, Unicode text, UTF-8 text	FAB7315F173991EBD71E3DE65E52FF21	D26A35A2F93EFED504EAF41D46166DDDE2A41187	7DE10D1082B33490337D7D9556B55B904F9D35AA13225AB3EEBE55F90A764D7D
Chrome Cache Entry: 156	PE32 executable (GUI) Intel 80386, for MS Windows	BC48CB98D8F2DACCA97A2EB72F4275CB	CD3DD263FC37C8C7BEB1393A654B400F2F531F1C	C18FB46AFA17AD8578D1EDD4AA6A89B42F381CA7998A4E5A096643E0F2721C49
Chrome Cache Entry: 157	JSON data	990FF8ED62A80EB7A80590B866F8D5E6	5FF89EA7B63348360764A10B02AAE576E083F995	29A93D731434E92CD8081BB2AF123C2CEA435D7893245A04134D7FBF713518F9
Chrome Cache Entry: 158	JSON data	E884507A36BDEBA9A245E867A54FEBFF	5D660C50493724B6A925E3D54A7C6F979EDA5FCF	9C96AA15E686AC1FCC49A6751EFAB3E34AA992E26FF11F76A78563B79D268071
Chrome Cache Entry: 159	PNG image data, 240 x 54, 8-bit/color RGBA, non-interlaced	5E4AE540C731CF79412E845C177B378D	836B0C9EC660E78C3534D1D2F3F00ED28C3A668A	233B06E11876D7B9E9E6CC9B7D2789810FE4748077BDB3C63541476D10717038
Chrome Cache Entry: 160	PNG image data, 240 x 54, 8-bit/color RGBA, non-interlaced	5E4AE540C731CF79412E845C177B378D	836B0C9EC660E78C3534D1D2F3F00ED28C3A668A	233B06E11876D7B9E9E6CC9B7D2789810FE4748077BDB3C63541476D10717038
Chrome Cache Entry: 161	JSON data	6813DDCA08CDCDD0F50201590A920628	9A97EF9C1CC9BDAFA2841FC3F003F7DA2FD2B429	5C9C4E891C365AB6CADE570A820F31546A14D55E2507E93AEE90D3D30E37C46D

Source: Unconfirmed 28383.crdownload.0.dr

Binary or memory string: -----BEGIN PUBLIC KEY-----

memstr_ca8a5813-e

Source: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1	HTTP Parser: No favicon
Source: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1#success	HTTP Parser: No favicon
Source: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1#success	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:62067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:58069 version: TLS 1.2

Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr
Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb~~ source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:62034 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:58010 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c%26v%3D1&sa=D&source=calendar&usg=AOvVaw0T2-fu4h5tPwbdCU2y2lCO HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1 HTTP/1.1Host: applications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /addon/images/zoom_logo_invitation.png HTTP/1.1Host: aw1vaapplications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: applications.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&signature=3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c&v=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=188pcXoTbFZfhYGy3acPD0GGEjwBzJ0fUXFxwNtGLII-1730408745-1.0.1.1-VKO4M_y_kLAhCLuCO.Un6c8yt8fbQCrO8FIFkLybgRdGsvVqdV5epEDNQGqn3kBR8r.ZPITydAkARGsjlyUVTg
Source: global traffic	HTTP traffic detected: GET /addon/images/zoom_logo_invitation.png HTTP/1.1Host: aw1vaapplications.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: applications.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=188pcXoTbFZfhYGy3acPD0GGEjwBzJ0fUXFxwNtGLII-1730408745-1.0.1.1-VKO4M_y_kLAhCLuCO.Un6c8yt8fbQCrO8FIFkLybgRdGsvVqdV5epEDNQGqn3kBR8r.ZPITydAkARGsjlyUVTg
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1 HTTP/1.1Host: rfpio.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/chat-client.js HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /fe-static/launch-meeting/meeting.537a440d01fe8a0940ee.js HTTP/1.1Host: st1.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/chat-client.js HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /fe-static/launch-meeting/meeting.537a440d01fe8a0940ee.js HTTP/1.1Host: st1.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/6.3.27088/js/lib/fingerprintjs-3.3.3.min.js HTTP/1.1Host: st3.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/cross-storage.html HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /launch/download/EUBUG9a4YInJjuEawaU7gRGITvjVQrwFY-7Sq9Y908TB1ABP5cCl9ajHhnlBhkQdq2dLv9nbDbT4mkINcd3LDApiaB-WsKdMZ7hN5VQT7NpeCsUD4tPzwsfNpGn5vbMs8hc1q7WbKOmSxpP8U0ZjTZ93s7sjsPemi3s4qFLJmgfK1FUyW-tBoYLups4dOmNkozVn-_MK3GksxpnAbZanjIGiV-FgA5DEyNYn_Fq2CAmfxITjdbI0x_GLF3k0T3pYnwmOCcJqprerLbdhI9tXG7wJhSZzwChILrEe4r8TcG1rcDtpKsiOURVvogTmlUF3w024qB9wDW0l1j3rQ-20sP8DGDvW_uMOh_JPtfAHwb626k9s3mwAJdgn-quccaE61sH6jEZm4muuddOIeJhwEWgvhiP-uMar-snwOnu-XMqfRq6GXBbxVjDS3rAk9GzwKuQ6DFk6wUr1Z11KBycuJB73OjV2zeaOpfgWJ4mzk0VHsnmQIQVulwFlRBefl8lrTE7urkwgjAbza5f_5bAXqZCmGGFNrmTjHEXgexK54FbTEwm5qZUARQOlBpVwMCgHJD2HYg_P9GeYVMwM-XVbh5IrpKTc5BvK5OSDkSn-SlySWphkw2l4fdM4lYy5Db7E2bMEulLns0M65rdE7yDrjdPMi0if.MhfG48I3Nqkt79RD/meeting/ev6tyWlgJK1_8zi6Yjqn_CGkPpj3LlO0iDTx.rKuDqjttns0D1uIh/Zoom_launcher.exe HTTP/1.1Host: rfpio.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; cred=B0324C891E33A54647F8863529588FF0; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/6.3.27088/js/lib/fingerprintjs-3.3.3.min.js HTTP/1.1Host: st3.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/b0bfa2ae-4058-4aef-8632-a5281ce4464a.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/web-campaign.js?env=us01&apikey=AM_FKF55QOG_vdWum455Vg&lazyLoadCampaignUrl=_blank HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://rfpio.zoom.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/b0bfa2ae-4058-4aef-8632-a5281ce4464a.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97
Source: global traffic	HTTP traffic detected: GET /us01cci/web-sdk/web-campaign.js?env=us01&apikey=AM_FKF55QOG_vdWum455Vg&lazyLoadCampaignUrl=_blank HTTP/1.1Host: us01ccistatic.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/018e6326-944c-770b-9e87-74eaf48b0e06/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otFloatingFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://rfpio.zoom.usSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://rfpio.zoom.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/b0bfa2ae-4058-4aef-8632-a5281ce4464a/018e6326-944c-770b-9e87-74eaf48b0e06/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otFloatingFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97; OnetrustActiveGroups=C0004C0003C0002C0001; OptanonAlertBoxClosed=2024-10-31T21:06:37.026Z; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Oct+31+2024+17%3A06%3A37+GMT-0400+(Eastern+Daylight+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=5b9744da-1d71-494e-9e3b-ff870b09b3ed&interactionCount=2&landingPath=NotLandingPage&groups=C0004%3A1%2CC0003%3A1%2CC0002%3A1%2CC0001%3A1
Source: global traffic	HTTP traffic detected: GET /request/v1/consentreceipts HTTP/1.1Host: zoom-privacy.my.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /nws/join/logger/wjmf HTTP/1.1Host: log-gateway.zoom.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _zm_ssid=aw1_c_K36vGZMkQa6AgTnXYdbzsw; _zm_ctaid=8dhNgjDWQV6KDMo_Cw7Ntw.1730408764166.e42d880c17827fac2504c8e6271e3034; _zm_chtaid=615; _zm_mtk_guid=f98536fefba347a09707b3cf3eb3fe0d; _zm_join_utid=UTID_2a1a4ad4dc79436eb98fb53c0278bfb8; _zm_csp_script_nonce=vvKvIRKRR9yzWNxCWI2N_A; _zm_currency=USD; _zm_visitor_guid=bddf58842def4fa9b6dd457a8c1089d5; __cf_bm=aAuOAYg1jQt0RoeonmyAsmgV9EawddGhzNPvB9koL_I-1730408764-1.0.1.1-AYHEwLqG4I7l8ybwszVS_rVHPlrpwnv3aggnpneh7_tVkpUOsqZwnZUZQLzZV9rBIsjQa70x0bqXYg0_YYXSxg; _zm_fingerprint=72dd840eb310f0b1b6f4f68e25296d97; OnetrustActiveGroups=C0004C0003C0002C0001; OptanonAlertBoxClosed=2024-10-31T21:06:37.026Z; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Oct+31+2024+17%3A06%3A37+GMT-0400+(Eastern+Daylight+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=5b9744da-1d71-494e-9e3b-ff870b09b3ed&interactionCount=2&landingPath=NotLandingPage&groups=C0004%3A1%2CC0003%3A1%2CC0002%3A1%2CC0001%3A1
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: applications.zoom.us
Source: global traffic	DNS traffic detected: DNS query: aw1vaapplications.zoom.us
Source: global traffic	DNS traffic detected: DNS query: rfpio.zoom.us
Source: global traffic	DNS traffic detected: DNS query: st1.zoom.us
Source: global traffic	DNS traffic detected: DNS query: us01ccistatic.zoom.us
Source: global traffic	DNS traffic detected: DNS query: log-gateway.zoom.us
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: st3.zoom.us
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: zoom-privacy.my.onetrust.com

Source: unknown

Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0K
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crt0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crl0S
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: chromecache_156.2.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA2562021CA1.crl0
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: http://momentjs.com/timezone/docs/#/data-loading/.
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0I
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: sets.json.0.dr	String found in binary or memory: https://07c225f3.online
Source: sets.json.0.dr	String found in binary or memory: https://24.hu
Source: sets.json.0.dr	String found in binary or memory: https://aajtak.in
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: sets.json.0.dr	String found in binary or memory: https://ambitionbox.com
Source: chromecache_145.2.dr	String found in binary or memory: https://applications.zoom.us/addon/invitation/detail?meetingUuid
Source: chromecache_145.2.dr	String found in binary or memory: https://applications.zoom.us/addon/invitation/detail?meetingUuid=%2BJAY6v2LTHmCN%2BShxcZDnQ%3D%3D&am
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: chromecache_155.2.dr	String found in binary or memory: https://aw1vaapplications.zoom.us/addon/images/zoom_logo_invitation.png
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://businesstoday.in
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://campaign.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://campaign.zoomgovdev.com/
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cci.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cci.zoomgovdev.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cciapi.zoomgov.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cciapi.zoomgovdev.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccistatic.zoomgov.com/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccistatic.zoomgovdev.com/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://ccizpapi.zoomdev.us/
Source: sets.json.0.dr	String found in binary or memory: https://chatbot.com
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://citybibleforum.org
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://closeronline.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://cognitive-ai.ru
Source: sets.json.0.dr	String found in binary or memory: https://cognitiveai.ru
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://content-loader.com
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: sets.json.0.dr	String found in binary or memory: https://css-load.com
Source: sets.json.0.dr	String found in binary or memory: https://deccoria.pl
Source: sets.json.0.dr	String found in binary or memory: https://deere.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev-zcb.zoomdev.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01apizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01campaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01cci.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://dev01cciapi.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devapizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcampaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devccistatic.zoomdev.us/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcolo.zoomdev.us
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloapizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcolocampaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devcoloccizpapi.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://developers.google.com/web/updates/2017/01/scrolling-intervention
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devlog-gateway.zoomdev.us/nws/join/logger/zccfelog
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://devoci-cdn-cci.zoomdev.us/n/idkx1lfgxgf7/b/dev-zcx/o/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://drimer.io
Source: sets.json.0.dr	String found in binary or memory: https://drimer.travel
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://eu01ccistatic.zoom.us/eu01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: chromecache_153.2.dr	String found in binary or memory: https://explore.zoom.us/en/cookie-policy/
Source: chromecache_161.2.dr, chromecache_153.2.dr	String found in binary or memory: https://explore.zoom.us/en/privacy/
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: https://fingerprintjs.com)
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/getting-started/message-distribution
Source: chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/react-intl#runtime-requirements
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/react-intl/api#intlshape
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/babel-plugin)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/linter#enforce-id)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://formatjs.io/docs/tooling/ts-transformer)
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://geforcenow.com
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/formatjs/formatjs/issues/1914
Source: chromecache_147.2.dr, chromecache_148.2.dr	String found in binary or memory: https://github.com/karanlyons/murmurHash3.js)
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/pmndrs/zustand/discussions/1937
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://github.com/unjs/consola?tab=readme-ov-file#log-level
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.38.1/LICENSE
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://gnttv.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://go-zcb.zoom.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://goapizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocampaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://gocciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://goccistatic.zoom.us/gocci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://graziadaily.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hazipatika.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://heatworld.com
Source: sets.json.0.dr	String found in binary or memory: https://helpdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://html-load.cc
Source: sets.json.0.dr	String found in binary or memory: https://html-load.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: sets.json.0.dr	String found in binary or memory: https://img-load.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatoday.in
Source: sets.json.0.dr	String found in binary or memory: https://indiatodayne.in
Source: sets.json.0.dr	String found in binary or memory: https://infoedgeindia.com
Source: sets.json.0.dr	String found in binary or memory: https://interia.pl
Source: sets.json.0.dr	String found in binary or memory: https://intoday.in
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: sets.json.0.dr	String found in binary or memory: https://johndeere.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: sets.json.0.dr	String found in binary or memory: https://knowledgebase.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livechat.com
Source: sets.json.0.dr	String found in binary or memory: https://livechatinc.com
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://log-gateway.zoom.us/nws/join/logger/zccfelog
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: sets.json.0.dr	String found in binary or memory: https://meo.pt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://momentjs.com/timezone/docs/#/use-it/browser/
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://motherandbaby.com
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://naukri.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://nlc.hu
Source: sets.json.0.dr	String found in binary or memory: https://nosalty.hu
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://nvidia.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: sets.json.0.dr	String found in binary or memory: https://p106.net
Source: sets.json.0.dr	String found in binary or memory: https://p24.hu
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://pomponik.pl
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01apizva.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01campaign.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01ccizp.zoomdev.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://qa01ccizpapi.zoomdev.us/
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: chromecache_155.2.dr	String found in binary or memory: https://rfpio.zoom.us/j/95410083827?pwd=Tcnpsb4vu5xFoif9ebNCcokKFaPuxe.1
Source: chromecache_155.2.dr	String found in binary or memory: https://rfpio.zoom.us/u/aoP8jw8Ar
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://sa01ccistatic.zoom.us/sa01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://sackrace.ai
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: sets.json.0.dr	String found in binary or memory: https://sapo.io
Source: sets.json.0.dr	String found in binary or memory: https://sapo.pt
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://scheduler.acqa.zoomdev.us
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://scheduler.zoom.us
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: sets.json.0.dr	String found in binary or memory: https://smaker.pl
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://smpn106jkt.sch.id
Source: sets.json.0.dr	String found in binary or memory: https://socket-to-me.vip
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startlap.hu
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/de/articles/201362023-System-Requirements
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362003-Zoom-Video-Communications-Technical-Support
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362003-Zoom-Video-Communications-Technical-Supportopens
Source: chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/en-us/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/es/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/fr/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/pt-br/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/ru/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/zh-cn/articles/201362023-System-Requirements
Source: chromecache_143.2.dr, chromecache_129.2.dr	String found in binary or memory: https://support.zoom.us/hc/zh-tw/articles/201362023-System-Requirements
Source: sets.json.0.dr	String found in binary or memory: https://takeabreak.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: sets.json.0.dr	String found in binary or memory: https://terazgotuje.pl
Source: sets.json.0.dr	String found in binary or memory: https://text.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://the42.ie
Source: sets.json.0.dr	String found in binary or memory: https://thejournal.ie
Source: sets.json.0.dr	String found in binary or memory: https://thirdspace.org.au
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.app
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.com
Source: sets.json.0.dr	String found in binary or memory: https://top.pl
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01-zcb.zoom.us/static/resource/cci/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01apizva.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01campaign.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01cci.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01cciapi.zoom.us/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01ccistatic-cf.zoom.us/us01cci/web-sdk/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://us01ccistatic.zoom.us/us01cci/web-sdk/
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://yours.co.uk
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zcb.zoomdev.us/static/resource/cci/
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zoom.com
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.com.cn/
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.com/
Source: chromecache_137.2.dr, chromecache_149.2.dr	String found in binary or memory: https://zoom.us
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.us/
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoom.us/https://zoom.com/https://zoom.com.cn/https://zoomgov.com/://https:///
Source: chromecache_129.2.dr	String found in binary or memory: https://zoom.us/phonesystem
Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr	String found in binary or memory: https://zoomgov.com/

Source: unknown	Network traffic detected: HTTP traffic on port 58054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 58077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 58111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58103
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 62092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 62046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58109
Source: unknown	Network traffic detected: HTTP traffic on port 62103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58106
Source: unknown	Network traffic detected: HTTP traffic on port 62081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58112
Source: unknown	Network traffic detected: HTTP traffic on port 58065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58114
Source: unknown	Network traffic detected: HTTP traffic on port 58122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58110
Source: unknown	Network traffic detected: HTTP traffic on port 62057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58123
Source: unknown	Network traffic detected: HTTP traffic on port 58020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58120
Source: unknown	Network traffic detected: HTTP traffic on port 58089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58121
Source: unknown	Network traffic detected: HTTP traffic on port 58078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58014
Source: unknown	Network traffic detected: HTTP traffic on port 58042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58013
Source: unknown	Network traffic detected: HTTP traffic on port 58090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58011
Source: unknown	Network traffic detected: HTTP traffic on port 62093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58123 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62101 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 58063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 62066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58069
Source: unknown	Network traffic detected: HTTP traffic on port 58125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58068
Source: unknown	Network traffic detected: HTTP traffic on port 58068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58066
Source: unknown	Network traffic detected: HTTP traffic on port 58102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58062
Source: unknown	Network traffic detected: HTTP traffic on port 58045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58079
Source: unknown	Network traffic detected: HTTP traffic on port 62043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58074
Source: unknown	Network traffic detected: HTTP traffic on port 58086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58073
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58070
Source: unknown	Network traffic detected: HTTP traffic on port 58113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58080
Source: unknown	Network traffic detected: HTTP traffic on port 62105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62107
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62108
Source: unknown	Network traffic detected: HTTP traffic on port 58124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62109
Source: unknown	Network traffic detected: HTTP traffic on port 58067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62100
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58096
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58095
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62103
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62105
Source: unknown	Network traffic detected: HTTP traffic on port 62076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58019
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58020
Source: unknown	Network traffic detected: HTTP traffic on port 58087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58022
Source: unknown	Network traffic detected: HTTP traffic on port 62056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58028
Source: unknown	Network traffic detected: HTTP traffic on port 62088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58030
Source: unknown	Network traffic detected: HTTP traffic on port 58044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58047
Source: unknown	Network traffic detected: HTTP traffic on port 58066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58040
Source: unknown	Network traffic detected: HTTP traffic on port 62077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58059
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58053
Source: unknown	Network traffic detected: HTTP traffic on port 58088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58055
Source: unknown	Network traffic detected: HTTP traffic on port 58103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58051
Source: unknown	Network traffic detected: HTTP traffic on port 62055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62040
Source: unknown	Network traffic detected: HTTP traffic on port 62108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62042
Source: unknown	Network traffic detected: HTTP traffic on port 62086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62039
Source: unknown	Network traffic detected: HTTP traffic on port 58060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62050
Source: unknown	Network traffic detected: HTTP traffic on port 58116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62053
Source: unknown	Network traffic detected: HTTP traffic on port 58072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62043
Source: unknown	Network traffic detected: HTTP traffic on port 58048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62048
Source: unknown	Network traffic detected: HTTP traffic on port 62074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62049
Source: unknown	Network traffic detected: HTTP traffic on port 62051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62062
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62064
Source: unknown	Network traffic detected: HTTP traffic on port 58014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62055
Source: unknown	Network traffic detected: HTTP traffic on port 58047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62059
Source: unknown	Network traffic detected: HTTP traffic on port 62098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62075
Source: unknown	Network traffic detected: HTTP traffic on port 58036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62067
Source: unknown	Network traffic detected: HTTP traffic on port 58084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62069
Source: unknown	Network traffic detected: HTTP traffic on port 58025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62112
Source: unknown	Network traffic detected: HTTP traffic on port 58118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58107 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62081
Source: unknown	Network traffic detected: HTTP traffic on port 62110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62086
Source: unknown	Network traffic detected: HTTP traffic on port 62082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62078
Source: unknown	Network traffic detected: HTTP traffic on port 58049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62079
Source: unknown	Network traffic detected: HTTP traffic on port 62073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62094
Source: unknown	Network traffic detected: HTTP traffic on port 62050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62096
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62097
Source: unknown	Network traffic detected: HTTP traffic on port 58038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62087
Source: unknown	Network traffic detected: HTTP traffic on port 58061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62089
Source: unknown	Network traffic detected: HTTP traffic on port 58082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62099
Source: unknown	Network traffic detected: HTTP traffic on port 62094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62072 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:62067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:58069 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping2908_1188347066\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_2908_2139363253

Jump to behavior

PE file does not import any functions

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: No import functions for PE file found

PE file overlay found

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: Data appended to the last section found

Source: classification engine

Classification label: clean4.win@28/58@40/19

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\Downloads\12ff91c6-4bc3-464a-b924-5c44a704daed.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.com/url?q=https://applications.zoom.us/addon/invitation/detail?meetingUuid%3D%252BJAY6v2LTHmCN%252BShxcZDnQ%253D%253D%26signature%3D3288f1e4a8dadc19f455cf0c9fcd93e4ca744f6fbd470f8518e31fe5fabf532c%26v%3D1&sa=D&source=calendar&usg=AOvVaw0T2-fu4h5tPwbdCU2y2lCO"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=2208,i,17811650983729990506,3976685601423945229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr
Source:	Binary string: c:\jenkins\workspace\Client\Client\Windows\launcher\Bin\Release\NewZoomWebLauncher.pdb~~ source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

PE file contains an invalid checksum

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr

Static PE information: real checksum: 0x31176 should be: 0x11b73

PE file contains sections with non-standard names

Source: 12ff91c6-4bc3-464a-b924-5c44a704daed.tmp.0.dr	Static PE information: section name: .didat
Source: Unconfirmed 28383.crdownload.0.dr	Static PE information: section name: .didat
Source: chromecache_156.2.dr	Static PE information: section name: .didat

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 28383.crdownload	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\12ff91c6-4bc3-464a-b924-5c44a704daed.tmp	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156	Jump to dropped file

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 156			Jump to dropped file

Source: Unconfirmed 28383.crdownload.0.dr, chromecache_156.2.dr

ID:	1546432
Product:	CloudBasic
Start time:	22:04:46
Start date:	31.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Overview

General Information

Detection

Signatures

Classification

Signatures

Cryptography

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

HIPS / PFW / Operating System Protection Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs