Windows Analysis Report
https://anz.pfm.law/go/xmKDa5CjvX27AwGjR5C3/

Overview

General Information

Sample URL: https://anz.pfm.law/go/xmKDa5CjvX27AwGjR5C3/
Analysis ID: 1562770

Detection

Score: 20
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

AI detected suspicious URL

Classification

Phishing

Source: Email Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://anz.pfm.law
Source: unknown HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49761 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49776 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49810 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: global traffic HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=zZag6YwYzsGRBcm&MD=zTKRtyzo HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic DNS traffic detected: DNS query: anz.pfm.law
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic DNS traffic detected: DNS query: www.recaptcha.net
Source: global traffic DNS traffic detected: DNS query: cases.au.casefunnel.io
Source: unknown HTTP traffic detected: POST /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: anz.pfm.lawConnection: keep-aliveContent-Length: 0Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: */*Origin: https://anz.pfm.lawSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://anz.pfm.law/go/xmKDa5CjvX27AwGjR5C3/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Culture=c%3Den%7Cuic%3Den; .AspNetCore.Antiforgery.VyLW6ORzMgk=CfDJ8FKIj9XLcIRKjxQ2fgMZqnPSWwsxdjjV-9wtclzykFYmYUJwebiodyGXxKcKuMReksEbo6EgD2a51zQfZgvBjRd5vroqVSutyywtFxLoTWVuj-DfYdneWzRwilQK1clO-8O-u5XWOADrNY6YK8nAxEo; AWSALB=6jAXzmd0+D+1UfYOMsSQl5nV4T7a2eyIpgQRitHr0pzK82uxqgNLlVn+Pi5JEOaHj+el06C8pgfRXVNQGPdrV6QZcRjv1MOGVxfLZZYu4J4J9nelKqvkdnuLDApR; AWSALBCORS=6jAXzmd0+D+1UfYOMsSQl5nV4T7a2eyIpgQRitHr0pzK82uxqgNLlVn+Pi5JEOaHj+el06C8pgfRXVNQGPdrV6QZcRjv1MOGVxfLZZYu4J4J9nelKqvkdnuLDApR
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: http://g.co/dev/maps-no-account
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: http://www.broofa.com
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_102.1.dr String found in binary or memory: https://developer.mozilla.org/docs/Web/API/EventTarget/addEventListener
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: https://developers.google.com/maps/deprecations
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/advanced-markers/migration
Source: chromecache_105.1.dr, chromecache_70.1.dr, chromecache_107.1.dr, chromecache_88.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#
Source: chromecache_102.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/libraries
Source: chromecache_102.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling
Source: chromecache_111.1.dr String found in binary or memory: https://developers.google.com/maps/documentation/javascript/versions#beta-channel
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_89.1.dr String found in binary or memory: https://fontawesome.com
Source: chromecache_89.1.dr String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_69.1.dr, chromecache_110.1.dr, chromecache_83.1.dr String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_109.1.dr, chromecache_112.1.dr String found in binary or memory: https://gist.github.com/mjackson/5311256
Source: chromecache_82.1.dr String found in binary or memory: https://github.com/Simonwep/pickr
Source: chromecache_109.1.dr, chromecache_112.1.dr String found in binary or memory: https://github.com/nodeca/js-yaml
Source: chromecache_74.1.dr, chromecache_79.1.dr String found in binary or memory: https://github.com/szimek/signature_pad
Source: chromecache_69.1.dr, chromecache_110.1.dr, chromecache_83.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_69.1.dr, chromecache_83.1.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: https://goo.gle/js-api-loading
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://goo.gle/js-open-now
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://goo.gle/js-open-now.
Source: chromecache_76.1.dr, chromecache_95.1.dr String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/59/1/main.js
Source: chromecache_76.1.dr, chromecache_95.1.dr String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/59/1/places.js
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://maps.googleapis.com/maps/api/staticmap
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://places.googleapis.com/v1/places/$
Source: chromecache_109.1.dr, chromecache_112.1.dr String found in binary or memory: https://planetcalc.com/7779
Source: chromecache_96.1.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://support.google.com/contributionpolicy/answer/7422880
Source: chromecache_78.1.dr, chromecache_102.1.dr String found in binary or memory: https://support.google.com/fusiontables/answer/9185417).
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://support.google.com/maps/answer/3092445
Source: chromecache_96.1.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_70.1.dr, chromecache_88.1.dr String found in binary or memory: https://www.google.com
Source: chromecache_104.1.dr, chromecache_111.1.dr String found in binary or memory: https://www.google.com/maps/dir/
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_93.1.dr, chromecache_96.1.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__.
Source: chromecache_75.1.dr, chromecache_90.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Source: chromecache_75.1.dr, chromecache_90.1.dr String found in binary or memory: https://www.recaptcha.net/recaptcha/api2/
Source: chromecache_109.1.dr, chromecache_112.1.dr String found in binary or memory: https://www.yaml.org/spec/1.2/spec.html#id2803231
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: classification engine Classification label: sus20.win@16/74@18/9
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=2200,i,2661925225389726080,10877470526721508930,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://anz.pfm.law/go/xmKDa5CjvX27AwGjR5C3/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected