Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://218.4.51.20:85/sztjj/qytb.action

Overview

General Information

Sample URL:https://218.4.51.20:85/sztjj/qytb.action
Analysis ID:1544351
Infos:
Errors
  • URL not reachable

Detection

Score:20
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

AI detected suspicious URL
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 728 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4524 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,5810063956079547695,12832536165437259567,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://218.4.51.20:85/sztjj/qytb.action" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownTCP traffic detected without corresponding DNS query: 218.4.51.20
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49724 version: TLS 1.2
Source: classification engineClassification label: sus20.win@17/6@2/4
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,5810063956079547695,12832536165437259567,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://218.4.51.20:85/sztjj/qytb.action"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,5810063956079547695,12832536165437259567,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected

Persistence and Installation Behavior

barindex
AI detected suspicious URL
Source: EmailJoeBoxAI: AI detected IP in URL: URL: https://218.4.51.20:85
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    s-part-0017.t-0009.t-msedge.net
    		13.107.246.45
    		truefalse
      		unknown
      www.google.com
      		142.250.185.228
      		truefalse
        		unknown
        fp2e7a.wpc.phicdn.net
        		192.229.221.95
        		truefalse
          		unknown

          World Map of Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public IPs

          IPDomainCountryFlagASNASN NameMalicious
          142.250.185.228
          		www.google.comUnited States
          		15169GOOGLEUSfalse
          239.255.255.250
          		unknownReserved
          		unknownunknownfalse
          218.4.51.20
          		unknownChina
          		4134CHINANET-BACKBONENo31Jin-rongStreetCNtrue

          Private

          IP
          192.168.2.5

          General Information

          Joe Sandbox version:41.0.0 Charoite
          Analysis ID:1544351
          Start date and time:2024-10-29 10:11:29 +01:00
          Joe Sandbox product:CloudBasic
          Overall analysis duration:0h 2m 0s
          Hypervisor based Inspection enabled:false
          Report type:full
          Cookbook file name:browseurl.jbs
          Sample URL:https://218.4.51.20:85/sztjj/qytb.action
          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
          Number of analysed new started processes analysed:6
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • HCA enabled
          • EGA enabled
          • AMSI enabled
          Analysis Mode:default
          Analysis stop reason:Timeout
          Detection:SUS
          Classification:sus20.win@17/6@2/4
          EGA Information:Failed
          HCA Information:
          • Successful, ratio: 100%
          • Number of executed functions: 0
          • Number of non-executed functions: 0
          Cookbook Comments:
          • URL browsing timeout or error

          Errors

          • URL not reachable

          Warnings

          • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
          • Excluded IPs from analysis (whitelisted): 74.125.133.84, 142.250.186.142, 142.250.185.195, 34.104.35.123, 142.250.184.195, 142.250.186.99, 184.28.90.27, 4.175.87.197, 199.232.210.172, 192.229.221.95, 52.165.164.15
          • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, www.gstatic.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
          • Not all processes where analyzed, report is missing behavior information
          • Report size getting too big, too many NtSetInformationFile calls found.
          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
          • VT rate limit hit for: https://218.4.51.20:85/sztjj/qytb.action

          Simulations

          Behavior and APIs

          No simulations

          LLM Input / Output

          Joe Sandbox View / Context

          IPs

          No context

          Domains

          No context

          ASNs

          No context

          JA3 Fingerprints

          No context

          Dropped Files

          No context

          Created / dropped Files

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 08:12:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2677
          Entropy (8bit):3.979377675402813
          Encrypted:false
          SSDEEP:48:8Cd7TjbfHVidAKZdA19ehwiZUklqehGfy+3:867Phfy
          MD5:EEEEA1788505345EDA0D4C55C5C6E2F0
          SHA1:DD42AC3B97B7FB5E0BDF63B50937F54745BD5CE1
          SHA-256:7E7F7934FAF38AA0E21848475302307EA45BDEEA24853ADD7A333435D99D8B8E
          SHA-512:0101C090AA1FCF4344F4EC83175789C1A638FCF5D1B152EA68FEDE327BF27A87BC2E3B25F52E3FD625CE2E7B310F45F2519AFF78E39DAC7B68675EE2D65CD8FA
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,......p..)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y.I...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 08:12:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2679
          Entropy (8bit):3.992925081463205
          Encrypted:false
          SSDEEP:48:8bPd7TjbfHVidAKZdA1weh/iZUkAQkqehRfy+2:8bt719QEfy
          MD5:A561648E96D5B32C6FA6A9321F7F08B3
          SHA1:895F0F8F6B795FD7732ECBD63BFA2301A458FFA1
          SHA-256:BDE802FF5547F6F6A8D9901EF3B3FF3CFD5E0735E40A4BDE7D42C15F6E8BB17A
          SHA-512:230A2F1CBDA4D1938FFCF006DE9E44467C606AE7DFE71904A6A4F07233CBD63DCBD96D923F8312B13375E49C3028FC1FE446D926502C5B9D435369B341A98A05
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,....'.\..)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y.I...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2693
          Entropy (8bit):4.006149904853387
          Encrypted:false
          SSDEEP:48:8xsd7TjbsHVidAKZdA14tseh7sFiZUkmgqeh7sHfy+BX:8x87InVfy
          MD5:DCA03B8A1B595FD13086360B71C07FFD
          SHA1:10D3C51477155B0C29B08DC197A8128F037279F0
          SHA-256:EA8B7C77E956DE23CB9BED77D8161E707CAA08E024739549B880B4189BC9A6D7
          SHA-512:46C9F87EA4527F429A50AA17AD6BA00C26E72F0F6EEFD5DDE3E484C0827A82ECCF01CFF70AF793BF566E749EF73BA4B6551357F20264E0205BF03717ACB3C2FF
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 08:12:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2681
          Entropy (8bit):3.9948532479708474
          Encrypted:false
          SSDEEP:48:8zd7TjbfHVidAKZdA1vehDiZUkwqehdfy+R:8h7WPfy
          MD5:5CE19EB6D44BB7585F890424395DB3BF
          SHA1:F9F973E6A850E753732143408551FE0AACFF303C
          SHA-256:BE2D0923D7041C4F12C98E18DD0591F1A10E5FD4B619699117B75E8915A30656
          SHA-512:73F9528E03ACA2812BCBB3B5B556357E67177D6047E6B5C50B7A2A2B92329BFB08069B66C3F98169A153E1FDE9B1CA3162A3B07845A68C4DB1258EB1585DE6DE
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,.....QT..)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y.I...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 08:12:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2681
          Entropy (8bit):3.979129907482326
          Encrypted:false
          SSDEEP:48:8Nd7TjbfHVidAKZdA1hehBiZUk1W1qeh7fy+C:87729bfy
          MD5:88D21C0AFD8D3F034F2B8DD83CFB6ACE
          SHA1:F802ABB1079456C0BD99F11B79E1AF13570574FF
          SHA-256:4DDC4C0321ABBFC53DF5FA70ABCFE2F36268C1B4AD8070347E096A490334ADFB
          SHA-512:150E1EDDFDD2736035B0137DDA6B569E7639A6EDB3EFA1A175D7DD6F99A9E644944EDAC367AB907785D2160ECDB6C9EB74D37CB51330F5C65DA2D2D21677C1A0
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,....n+c..)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y.I...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 08:12:28 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
          Category:dropped
          Size (bytes):2683
          Entropy (8bit):3.9914623381020378
          Encrypted:false
          SSDEEP:48:87d7TjbfHVidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbVfy+yT+:8Z7IT/TbxWOvTbVfy7T
          MD5:4BBBC2D95C3AC103396387ED0601CEC5
          SHA1:E568D526A05A4E86EE6DA119042FC799B6E838B7
          SHA-256:D7A67D6C77A51EF04F8B5329FC7CCD8BBCFF5A821284F8AEFE5A751346F04E32
          SHA-512:8D9FF0E1EFCCC553D42FC17BFE0C48A17E4A37B969BCFB02466EB233A0D045A68949C91ECD94EE1922BC3123C4F8DC65CB9E6C8C446030B31C712F85705D99D8
          Malicious:false
          Reputation:low
          Preview:L..................F.@.. ...$+.,....P.J..)..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Y.I....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Y.I....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Y.I....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Y.I..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Y.I...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

          Static File Info

          No static file info

          Network Behavior

          Network Port Distribution

          TCP Packets

          TimestampSource PortDest PortSource IPDest IP
          Oct 29, 2024 10:12:15.721407890 CET49675443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:15.721415997 CET49674443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:15.830831051 CET49673443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:25.453594923 CET49675443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:25.453594923 CET49673443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:25.471355915 CET49674443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:27.179750919 CET4434970323.1.237.91192.168.2.5
          Oct 29, 2024 10:12:27.179883003 CET49703443192.168.2.523.1.237.91
          Oct 29, 2024 10:12:29.856411934 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.856863976 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.862670898 CET8549709218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:29.862745047 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.863483906 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.863745928 CET8549710218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:29.863807917 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.864315987 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:29.869822979 CET8549709218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:29.870815992 CET8549710218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:30.791925907 CET8549709218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:30.813795090 CET8549710218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:30.835524082 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:30.863639116 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.223902941 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.224118948 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.224364042 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.224641085 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.229336023 CET8549709218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:31.229441881 CET8549710218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:31.230025053 CET8549710218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:31.230117083 CET4971085192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.231161118 CET8549709218.4.51.20192.168.2.5
          Oct 29, 2024 10:12:31.231252909 CET4970985192.168.2.5218.4.51.20
          Oct 29, 2024 10:12:31.426567078 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:31.426585913 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:31.426729918 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:31.430561066 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:31.430576086 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.298775911 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.320036888 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:32.320049047 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.323812962 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.323903084 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:32.341481924 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:32.341674089 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.394503117 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:32.394512892 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:32.438297987 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:40.901513100 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:40.901542902 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:40.901774883 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:40.902359962 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:40.902374029 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:41.846259117 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:41.846348047 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:41.871921062 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:41.871942997 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:41.872251987 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:41.923816919 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.015661001 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.063343048 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264271975 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264295101 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264302969 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264323950 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264337063 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264347076 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264345884 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.264362097 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.264401913 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.264431953 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.286468029 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:42.286554098 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:42.286649942 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:42.383373976 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.383394003 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.383459091 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.383474112 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.383507013 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.383528948 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.502506018 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.502523899 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.502619028 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.502639055 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.502862930 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.621486902 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.621504068 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.621561050 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.621592999 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.621614933 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.621656895 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.740503073 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.740521908 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.740571976 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.740607023 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.740627050 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.740802050 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.859648943 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.859659910 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.859761000 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.859790087 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.859858036 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.979476929 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.979502916 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.979563951 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.979587078 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.979630947 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.979641914 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.979933023 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.979954004 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.980006933 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.980015039 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:42.980042934 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:42.980060101 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.098917007 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.098952055 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.098985910 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.099014997 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.099045038 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.099071026 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.217221975 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.217253923 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.217319012 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.217336893 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.217367887 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.217390060 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.335728884 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.335767984 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.335803986 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.335823059 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.335863113 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.335885048 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.454694986 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.454719067 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.454773903 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.454794884 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.454823971 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.454845905 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.503397942 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.503422022 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.503500938 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.503525972 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.503550053 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.503571987 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.521908045 CET49713443192.168.2.5142.250.185.228
          Oct 29, 2024 10:12:43.521938086 CET44349713142.250.185.228192.168.2.5
          Oct 29, 2024 10:12:43.573731899 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.573807001 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.573818922 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.573879957 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.573980093 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.573991060 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.574003935 CET49724443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.574011087 CET4434972413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.630150080 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.630189896 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.630439997 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.631258965 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.631289005 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.631427050 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.634550095 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.634565115 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.634618998 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.636199951 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.636209011 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.636264086 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.637104034 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.637115955 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.637273073 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.637643099 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.637660980 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.637728930 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.637743950 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.638051987 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.638065100 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.638175964 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.638194084 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:43.638462067 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:43.638473988 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.363260031 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.364243984 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.364264011 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.364931107 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.364937067 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.369704962 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.370178938 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.370210886 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.370641947 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.370649099 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.383116007 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.383498907 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.383513927 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.384057999 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.384063005 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.410582066 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.410952091 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.410974979 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.411530972 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.411537886 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.492743015 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.492770910 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.492832899 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.492835045 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.492885113 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.493125916 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.493145943 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.493159056 CET49728443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.493165970 CET4434972813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.496748924 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.496773005 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.496830940 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.497020960 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.497034073 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500165939 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500186920 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500250101 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.500274897 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500314951 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.500449896 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500458956 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.500466108 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.500480890 CET49726443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.500503063 CET4434972613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.503212929 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.503246069 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.503398895 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.503484011 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.503500938 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.516794920 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.516818047 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.516865969 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.516875029 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.516966105 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.517013073 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.517071009 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.517079115 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.517098904 CET49727443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.517112970 CET4434972713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.520025969 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.520051956 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.520172119 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.520304918 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.520323038 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.559781075 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.559848070 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.559921980 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.560132980 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.560149908 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.560163975 CET49729443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.560169935 CET4434972913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.563621998 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.563656092 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.563731909 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.563954115 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.563970089 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.591634989 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.592140913 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.592152119 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.592828989 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.592837095 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.723272085 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.723464966 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.723566055 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.723685980 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.723685980 CET49725443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.723712921 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.723737001 CET4434972513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.726778030 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.726809978 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:44.727044106 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.727044106 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:44.727070093 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.230230093 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.231179953 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.231230974 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.231252909 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.231420994 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.231426001 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.231719017 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.231740952 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.232036114 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.232043028 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.264008045 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.265115976 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.265115976 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.265126944 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.265135050 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.303911924 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.304759979 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.304759979 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.304769993 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.304785013 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.360563993 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.360868931 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.361356020 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.361409903 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.361445904 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.361474037 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.361481905 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.361486912 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.361531973 CET49730443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.361541033 CET4434973013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.361999035 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.361999989 CET49731443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.362010956 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.362019062 CET4434973113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.364965916 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.364968061 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.364994049 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.364995003 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.365072966 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.365078926 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.365241051 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.365256071 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.365278959 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.365288019 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.396231890 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.396348953 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.396455050 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.396455050 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.396455050 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.398684978 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.398725986 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.398870945 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.398926020 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.398945093 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.437114954 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.437321901 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.437411070 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.437411070 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.437509060 CET49733443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.437525034 CET4434973313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.439764023 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.439785004 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.439941883 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.440052032 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.440063953 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.464543104 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.465411901 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.465411901 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.465430975 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.465445995 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.596285105 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.596430063 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.596546888 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.596728086 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.596728086 CET49734443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.596746922 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.596756935 CET4434973413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.599910021 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.599998951 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.600090027 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.600287914 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.600325108 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:45.704895973 CET49732443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:45.704910994 CET4434973213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.097966909 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.098550081 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.098561049 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.099047899 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.099052906 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.105551004 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.105926991 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.105947971 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.106353998 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.106360912 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.129482985 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.129833937 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.129857063 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.130248070 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.130254984 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.177231073 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.177715063 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.177732944 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.178184032 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.178189039 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.229727983 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.238761902 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.238820076 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.238878012 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.239078045 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.239099026 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.239118099 CET49735443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.239126921 CET4434973513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.242413998 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.242443085 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.242659092 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.242862940 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.242878914 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.263730049 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.263820887 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.263890982 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.264125109 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.264141083 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.264158010 CET49737443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.264164925 CET4434973713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.267201900 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.267290115 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.267447948 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.267616987 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.267654896 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.283021927 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.283035994 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.283360004 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.283371925 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.283380032 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.283772945 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.283845901 CET4434973613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.283983946 CET49736443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.285890102 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.285902977 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.285967112 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.286076069 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.286087990 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.309602022 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.309648991 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.309736967 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.309849024 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.309863091 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.309875011 CET49738443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.309881926 CET4434973813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.312355042 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.312438965 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.312558889 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.312743902 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.312778950 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.339688063 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.340112925 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.340132952 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.340574980 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.340581894 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.469961882 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.470067978 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.470139027 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.470370054 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.470386982 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.470402002 CET49739443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.470408916 CET4434973913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.473798990 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.473819017 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.473900080 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.474056005 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.474070072 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.973273039 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.973951101 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.973978996 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:46.974455118 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:46.974462032 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.001214981 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.001650095 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.001732111 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.002223015 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.002245903 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.022331953 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.022684097 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.022701025 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.023082972 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.023087978 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.055643082 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.056054115 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.056116104 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.056457043 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.056469917 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.103535891 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.103595018 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.103658915 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.104098082 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.104118109 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.104126930 CET49740443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.104132891 CET4434974013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.108971119 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.108998060 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.109077930 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.109479904 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.109487057 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.133204937 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.133373976 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.133429050 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.133667946 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.133668900 CET49741443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.133711100 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.133735895 CET4434974113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.136739969 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.136782885 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.136847019 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.136964083 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.136981964 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.152509928 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.152688026 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.152745008 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.152841091 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.152848005 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.152857065 CET49742443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.152861118 CET4434974213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.156486988 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.156510115 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.156577110 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.156825066 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.156836987 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.186163902 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.186244011 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.186352968 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.186422110 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.186422110 CET49743443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.186449051 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.186487913 CET4434974313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.188991070 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.189040899 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.189122915 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.189403057 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.189434052 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.201705933 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.202125072 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.202152967 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.202770948 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.202778101 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.332629919 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.332896948 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.332952976 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.333060980 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.333077908 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.333093882 CET49744443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.333108902 CET4434974413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.336247921 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.336272001 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.336523056 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.336700916 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.336713076 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.859082937 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.860318899 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.860318899 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.860330105 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.860337973 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.876468897 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.877198935 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.877223015 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.878670931 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.878676891 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.904558897 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.905014038 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.905023098 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.907557011 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.907562017 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.957075119 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.957977057 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.957977057 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.958055973 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.958086014 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.991921902 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.992053032 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.992301941 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.992301941 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.992542982 CET49745443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.992556095 CET4434974513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.995352983 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.995408058 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:47.995666981 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.995666981 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:47.995735884 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.008665085 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.008733988 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.008896112 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.008939981 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.008939981 CET49746443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.008959055 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.008970022 CET4434974613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.011707067 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.011737108 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.011917114 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.012042999 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.012063980 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.037604094 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.037668943 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.037832975 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.037858009 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.037858009 CET49747443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.037873983 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.037882090 CET4434974713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.040014029 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.040040016 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.040448904 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.040448904 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.040472984 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.083986044 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.085167885 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.085167885 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.085177898 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.085192919 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.086431026 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.086503029 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.086683035 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.086683035 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.086822987 CET49748443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.086833954 CET4434974813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.088795900 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.088836908 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.089051962 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.089132071 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.089149952 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.214163065 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.214306116 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.214550018 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.214550018 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.214907885 CET49749443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.214920044 CET4434974913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.217482090 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.217519999 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.217634916 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.217757940 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.217776060 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.719324112 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.719877005 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.719913960 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.720690966 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.720698118 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.757075071 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.757493019 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.757512093 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.758125067 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.758131027 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.769421101 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.769958973 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.769984007 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.770531893 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.770539045 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.825778008 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.826236963 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.826261044 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.826773882 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.826790094 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.848990917 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.849054098 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.850267887 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.850585938 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.850585938 CET49750443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.850630045 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.850656986 CET4434975013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.853713989 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.853768110 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.853832006 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.853946924 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.853955984 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.890166044 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.890235901 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.890397072 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.890443087 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.890460968 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.890474081 CET49751443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.890480995 CET4434975113.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.893152952 CET49756443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.893207073 CET4434975613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.893299103 CET49756443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.893431902 CET49756443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.893454075 CET4434975613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.899362087 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.899425983 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.899528980 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.899564028 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.899581909 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.899600983 CET49752443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.899609089 CET4434975213.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.901813030 CET49757443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.901839018 CET4434975713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.901952982 CET49757443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.902113914 CET49757443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.902127028 CET4434975713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.956847906 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.956927061 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.957089901 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.957139969 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.957158089 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.957170963 CET49753443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.957178116 CET4434975313.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.959564924 CET49758443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.959578991 CET4434975813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.959644079 CET49758443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.959799051 CET49758443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.959813118 CET4434975813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.983139992 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.983566046 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.983589888 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:48.984206915 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:48.984213114 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.117331982 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.117476940 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.117532015 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.117750883 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.117759943 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.117779016 CET49754443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.117784023 CET4434975413.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.120920897 CET49759443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.120960951 CET4434975913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.121057034 CET49759443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.121275902 CET49759443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.121293068 CET4434975913.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.572395086 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.572954893 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.572989941 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.573669910 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.573685884 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.637928009 CET4434975613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.638947010 CET49756443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.638947010 CET49756443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.639028072 CET4434975613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.639061928 CET4434975613.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.641712904 CET4434975713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.642086983 CET49757443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.642116070 CET4434975713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.642765045 CET49757443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.642807961 CET4434975713.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.691898108 CET4434975813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.692645073 CET49758443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.692671061 CET4434975813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.693149090 CET49758443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.693162918 CET4434975813.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.702261925 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.702351093 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.702569962 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.702614069 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.702614069 CET49755443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.702641010 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.702656031 CET4434975513.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.706696987 CET49760443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.706736088 CET4434976013.107.246.45192.168.2.5
          Oct 29, 2024 10:12:49.706935883 CET49760443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.707070112 CET49760443192.168.2.513.107.246.45
          Oct 29, 2024 10:12:49.707088947 CET4434976013.107.246.45192.168.2.5

          UDP Packets

          TimestampSource PortDest PortSource IPDest IP
          Oct 29, 2024 10:12:27.277807951 CET53593071.1.1.1192.168.2.5
          Oct 29, 2024 10:12:27.279423952 CET53581311.1.1.1192.168.2.5
          Oct 29, 2024 10:12:28.634277105 CET53548561.1.1.1192.168.2.5
          Oct 29, 2024 10:12:31.227572918 CET6083353192.168.2.51.1.1.1
          Oct 29, 2024 10:12:31.227842093 CET5086653192.168.2.51.1.1.1
          Oct 29, 2024 10:12:31.235271931 CET53508661.1.1.1192.168.2.5
          Oct 29, 2024 10:12:31.235903025 CET53608331.1.1.1192.168.2.5
          Oct 29, 2024 10:12:45.947720051 CET53644811.1.1.1192.168.2.5

          DNS Queries

          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
          Oct 29, 2024 10:12:31.227572918 CET192.168.2.51.1.1.10xcec4Standard query (0)www.google.comA (IP address)IN (0x0001)false
          Oct 29, 2024 10:12:31.227842093 CET192.168.2.51.1.1.10x2a57Standard query (0)www.google.com65IN (0x0001)false

          DNS Answers

          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
          Oct 29, 2024 10:12:31.235271931 CET1.1.1.1192.168.2.50x2a57No error (0)www.google.com65IN (0x0001)false
          Oct 29, 2024 10:12:31.235903025 CET1.1.1.1192.168.2.50xcec4No error (0)www.google.com142.250.185.228A (IP address)IN (0x0001)false
          Oct 29, 2024 10:12:36.448496103 CET1.1.1.1192.168.2.50x98No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
          Oct 29, 2024 10:12:36.448496103 CET1.1.1.1192.168.2.50x98No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
          Oct 29, 2024 10:12:37.115648985 CET1.1.1.1192.168.2.50x671bNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
          Oct 29, 2024 10:12:37.115648985 CET1.1.1.1192.168.2.50x671bNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
          Oct 29, 2024 10:12:40.899853945 CET1.1.1.1192.168.2.50xf9fNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
          Oct 29, 2024 10:12:40.899853945 CET1.1.1.1192.168.2.50xf9fNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false

          HTTP Request Dependency Graph

          • otelrules.azureedge.net

          HTTPS Proxied Packets

          Session IDSource IPSource PortDestination IPDestination Port
          0192.168.2.54972413.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:42 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:42 UTC561INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:42 GMT
          Content-Type: text/plain
          Content-Length: 218853
          Connection: close
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Cache-Control: public
          Last-Modified: Mon, 28 Oct 2024 13:23:36 GMT
          ETag: "0x8DCF753BAA1B278"
          x-ms-request-id: 174434da-801e-0015-686a-29f97f000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091242Z-15b8d89586ffsjj9qb0gmb1stn0000000ag00000000066wq
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:42 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
          Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
          2024-10-29 09:12:42 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
          Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
          2024-10-29 09:12:42 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
          Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
          2024-10-29 09:12:42 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
          Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
          2024-10-29 09:12:42 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
          Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
          2024-10-29 09:12:42 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
          Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
          2024-10-29 09:12:42 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
          Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
          2024-10-29 09:12:42 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
          Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
          2024-10-29 09:12:43 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
          Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
          2024-10-29 09:12:43 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
          Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


          Session IDSource IPSource PortDestination IPDestination Port
          1192.168.2.54972813.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:44 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:44 UTC563INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:44 GMT
          Content-Type: text/xml
          Content-Length: 2160
          Connection: close
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
          ETag: "0x8DC582BA3B95D81"
          x-ms-request-id: fc6998d3-101e-008d-52ad-2692e5000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091244Z-16849878b782d4lwcu6h6gmxnw00000005x000000000cpdm
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:44 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


          Session IDSource IPSource PortDestination IPDestination Port
          2192.168.2.54972613.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:44 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:44 UTC563INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:44 GMT
          Content-Type: text/xml
          Content-Length: 3788
          Connection: close
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
          ETag: "0x8DC582BAC2126A6"
          x-ms-request-id: 041e76a7-601e-005c-45ae-26f06f000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091244Z-16849878b78qfbkc5yywmsbg0c000000062g00000000208y
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:44 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


          Session IDSource IPSource PortDestination IPDestination Port
          3192.168.2.54972713.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:44 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:44 UTC563INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:44 GMT
          Content-Type: text/xml
          Content-Length: 2980
          Connection: close
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Vary: Accept-Encoding
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
          ETag: "0x8DC582BA80D96A1"
          x-ms-request-id: 834668b8-301e-0052-121c-2765d6000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091244Z-16849878b785dznd7xpawq9gcn00000007s00000000047hy
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:44 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


          Session IDSource IPSource PortDestination IPDestination Port
          4192.168.2.54972913.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:44 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:44 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:44 GMT
          Content-Type: text/xml
          Content-Length: 408
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
          ETag: "0x8DC582BB56D3AFB"
          x-ms-request-id: 11ae3112-301e-005d-596b-27e448000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091244Z-16849878b78bjkl8dpep89pbgg0000000510000000006swa
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:44 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


          Session IDSource IPSource PortDestination IPDestination Port
          5192.168.2.54972513.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:44 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:44 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:44 GMT
          Content-Type: text/xml
          Content-Length: 450
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
          ETag: "0x8DC582BD4C869AE"
          x-ms-request-id: 8f1f3dd8-601e-0097-4789-28f33a000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091244Z-15b8d89586f5s5nz3ffrgxn5ac00000006w000000000bhup
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:44 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


          Session IDSource IPSource PortDestination IPDestination Port
          6192.168.2.54973113.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:45 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:45 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:45 GMT
          Content-Type: text/xml
          Content-Length: 415
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
          ETag: "0x8DC582B9F6F3512"
          x-ms-request-id: e5fe76b8-601e-0050-2e06-262c9c000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091245Z-17c5cb586f6wmhkn5q6fu8c5ss00000005k0000000009wrc
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:45 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


          Session IDSource IPSource PortDestination IPDestination Port
          7192.168.2.54973013.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:45 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:45 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:45 GMT
          Content-Type: text/xml
          Content-Length: 474
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
          ETag: "0x8DC582B9964B277"
          x-ms-request-id: 7b93b929-d01e-0082-6676-27e489000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091245Z-16849878b78p8hrf1se7fucxk8000000074g00000000a6hw
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:45 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          8192.168.2.54973213.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:45 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:45 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:45 GMT
          Content-Type: text/xml
          Content-Length: 471
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
          ETag: "0x8DC582BB10C598B"
          x-ms-request-id: 4755be7f-e01e-0052-062b-26d9df000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091245Z-16849878b78q9m8bqvwuva4svc00000004y0000000001uqs
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:45 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          9192.168.2.54973313.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:45 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:45 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:45 GMT
          Content-Type: text/xml
          Content-Length: 632
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
          ETag: "0x8DC582BB6E3779E"
          x-ms-request-id: 1f7bc680-101e-0065-6904-274088000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091245Z-16849878b78qwx7pmw9x5fub1c00000004eg00000000772v
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:45 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


          Session IDSource IPSource PortDestination IPDestination Port
          10192.168.2.54973413.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:45 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:45 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:45 GMT
          Content-Type: text/xml
          Content-Length: 467
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
          ETag: "0x8DC582BA6C038BC"
          x-ms-request-id: e84b733d-701e-005c-1bb8-26bb94000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091245Z-16849878b78sx229w7g7at4nkg00000004hg000000008q4f
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:45 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          11192.168.2.54973613.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:46 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:46 GMT
          Content-Type: text/xml
          Content-Length: 407
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
          ETag: "0x8DC582BBAD04B7B"
          x-ms-request-id: 359c92e3-901e-0064-7ce8-28e8a6000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091246Z-17c5cb586f6gkqkwd0x1ge8t0400000006ug000000001u9d
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:46 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


          Session IDSource IPSource PortDestination IPDestination Port
          12192.168.2.54973513.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:46 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:46 GMT
          Content-Type: text/xml
          Content-Length: 486
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
          ETag: "0x8DC582BB344914B"
          x-ms-request-id: 0fe0dd21-c01e-0066-771c-26a1ec000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091246Z-16849878b782d4lwcu6h6gmxnw00000005y000000000at1r
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          X-Cache-Info: L1_T2
          Accept-Ranges: bytes
          2024-10-29 09:12:46 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          13192.168.2.54973713.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:46 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:46 GMT
          Content-Type: text/xml
          Content-Length: 427
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
          ETag: "0x8DC582BA310DA18"
          x-ms-request-id: f0c209fa-601e-00ab-740d-2966f4000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091246Z-17c5cb586f6r59nt869u8w8xt800000005700000000078w4
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          X-Cache-Info: L1_T2
          Accept-Ranges: bytes
          2024-10-29 09:12:46 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


          Session IDSource IPSource PortDestination IPDestination Port
          14192.168.2.54973813.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:46 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:46 GMT
          Content-Type: text/xml
          Content-Length: 486
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
          ETag: "0x8DC582B9018290B"
          x-ms-request-id: c8022c20-501e-00a3-08ae-26c0f2000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091246Z-16849878b78sx229w7g7at4nkg00000004g000000000c34x
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:46 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          15192.168.2.54973913.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:46 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:46 GMT
          Content-Type: text/xml
          Content-Length: 407
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
          ETag: "0x8DC582B9698189B"
          x-ms-request-id: d7faccb9-c01e-002b-307f-276e00000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091246Z-16849878b78nx5sne3fztmu6xc00000007ag000000004h9n
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:46 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


          Session IDSource IPSource PortDestination IPDestination Port
          16192.168.2.54974013.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 469
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
          ETag: "0x8DC582BBA701121"
          x-ms-request-id: 2fd6bd5d-d01e-007a-394f-26f38c000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-16849878b78j7llf5vkyvvcehs00000007bg00000000a4m3
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          17192.168.2.54974113.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:46 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 415
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
          ETag: "0x8DC582BA41997E3"
          x-ms-request-id: d3dff139-d01e-002b-5c94-2925fb000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-15b8d89586fxdh48qknu9dqk2g0000000a6g000000008wqc
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          X-Cache-Info: L1_T2
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


          Session IDSource IPSource PortDestination IPDestination Port
          18192.168.2.54974213.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 477
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
          ETag: "0x8DC582BB8CEAC16"
          x-ms-request-id: 9b05f8c0-e01e-0020-40f2-24de90000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-15b8d89586fhl2qtatrz3vfkf00000000ch0000000002fx7
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          19192.168.2.54974313.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 464
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
          ETag: "0x8DC582B97FB6C3C"
          x-ms-request-id: 1a39e609-901e-0048-60a3-26b800000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-16849878b78wc6ln1zsrz6q9w800000005wg00000000e32p
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


          Session IDSource IPSource PortDestination IPDestination Port
          20192.168.2.54974413.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 494
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
          ETag: "0x8DC582BB7010D66"
          x-ms-request-id: e7bd3bd0-f01e-003c-42e3-258cf0000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-15b8d89586fnsf5zkvx8tfb0zc00000001eg00000000599c
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          21192.168.2.54974513.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:47 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 419
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
          ETag: "0x8DC582B9748630E"
          x-ms-request-id: bfc21b6c-401e-0067-2636-2809c2000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-15b8d89586fnsf5zkvx8tfb0zc00000001dg0000000077a0
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          X-Cache-Info: L1_T2
          Accept-Ranges: bytes
          2024-10-29 09:12:47 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


          Session IDSource IPSource PortDestination IPDestination Port
          22192.168.2.54974613.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 472
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
          ETag: "0x8DC582B9DACDF62"
          x-ms-request-id: 2faa3f77-001e-008d-269c-27d91e000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-r197bdfb6b4hsj5bywyqk9r2xw00000007ug0000000020qh
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          23192.168.2.54974713.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:47 GMT
          Content-Type: text/xml
          Content-Length: 404
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
          ETag: "0x8DC582B9E8EE0F3"
          x-ms-request-id: 1abafd92-601e-0070-072b-27a0c9000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091247Z-16849878b78hh85qc40uyr8sc800000006q0000000001hnv
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


          Session IDSource IPSource PortDestination IPDestination Port
          24192.168.2.54974813.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:47 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 468
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
          ETag: "0x8DC582B9C8E04C8"
          x-ms-request-id: b7bd549c-e01e-0003-5b3c-280fa8000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-17c5cb586f6hn8cl90dxzu28kw00000006900000000063e3
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          25192.168.2.54974913.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 428
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
          ETag: "0x8DC582BAC4F34CA"
          x-ms-request-id: ef4969e5-401e-002a-2c3c-28c62e000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-15b8d89586fvpb59307bn2rcac00000001bg000000008sc8
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


          Session IDSource IPSource PortDestination IPDestination Port
          26192.168.2.54975013.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 499
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
          ETag: "0x8DC582B98CEC9F6"
          x-ms-request-id: 54a08b66-801e-008f-529b-272c5d000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-16849878b786fl7gm2qg4r5y7000000006n0000000005cf7
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          27192.168.2.54975113.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 415
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
          ETag: "0x8DC582B988EBD12"
          x-ms-request-id: 111e84cc-b01e-003e-6d58-268e41000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-17c5cb586f6wmhkn5q6fu8c5ss00000005t0000000000s8y
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


          Session IDSource IPSource PortDestination IPDestination Port
          28192.168.2.54975213.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 471
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
          ETag: "0x8DC582BB5815C4C"
          x-ms-request-id: 48c2ab4b-a01e-006f-620c-2813cd000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-15b8d89586fmc8ck21zz2rtg1w00000003gg000000005rh7
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          29192.168.2.54975313.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:48 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:48 GMT
          Content-Type: text/xml
          Content-Length: 419
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
          ETag: "0x8DC582BB32BB5CB"
          x-ms-request-id: 2760be74-301e-0096-200b-26e71d000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091248Z-16849878b78qf2gleqhwczd21s00000006n0000000000c30
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:48 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


          Session IDSource IPSource PortDestination IPDestination Port
          30192.168.2.54975413.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:48 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 494
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
          ETag: "0x8DC582BB8972972"
          x-ms-request-id: d73e8916-101e-008d-6973-2792e5000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-17c5cb586f69w69mgazyf263an00000005kg000000001181
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          X-Cache-Info: L1_T2
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          31192.168.2.54975513.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:49 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 420
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
          ETag: "0x8DC582B9DAE3EC0"
          x-ms-request-id: ce95f5ab-001e-0034-242a-27dd04000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-17c5cb586f6g6g2sa7kg5c0gg000000001h000000000919z
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


          Session IDSource IPSource PortDestination IPDestination Port
          32192.168.2.54975613.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:49 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 472
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
          ETag: "0x8DC582B9D43097E"
          x-ms-request-id: 3201f11f-301e-006e-7658-27f018000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-17c5cb586f62blg5ss55p9d6fn0000000720000000002ff3
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          33192.168.2.54975713.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:49 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 427
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
          ETag: "0x8DC582BA909FA21"
          x-ms-request-id: 69b48820-e01e-0099-092d-27da8a000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-17c5cb586f6wmhkn5q6fu8c5ss00000005r0000000003875
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


          Session IDSource IPSource PortDestination IPDestination Port
          34192.168.2.54975813.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:49 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 486
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
          ETag: "0x8DC582B92FCB436"
          x-ms-request-id: 01fc617d-601e-000d-05a4-262618000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-16849878b78smng4k6nq15r6s400000007r000000000f676
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          35192.168.2.54975913.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:49 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:49 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:49 GMT
          Content-Type: text/xml
          Content-Length: 423
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
          ETag: "0x8DC582BB7564CE8"
          x-ms-request-id: 214f201b-c01e-00ad-7c26-28a2b9000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091249Z-r197bdfb6b4c8q4qvwwy2byzsw00000006r0000000000073
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:49 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


          Session IDSource IPSource PortDestination IPDestination Port
          36192.168.2.54976013.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:50 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:50 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:50 GMT
          Content-Type: text/xml
          Content-Length: 478
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
          ETag: "0x8DC582B9B233827"
          x-ms-request-id: 25f4145c-101e-005a-559b-24882b000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091250Z-15b8d89586fvk4kmbg8pf84y8800000007ag00000000187w
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:50 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          37192.168.2.54976113.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:50 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:50 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:50 GMT
          Content-Type: text/xml
          Content-Length: 404
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
          ETag: "0x8DC582B95C61A3C"
          x-ms-request-id: a783173c-501e-008c-2349-27cd39000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091250Z-16849878b78smng4k6nq15r6s400000007r000000000f68g
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:50 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


          Session IDSource IPSource PortDestination IPDestination Port
          38192.168.2.54976213.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:50 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:50 UTC491INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:50 GMT
          Content-Type: text/xml
          Content-Length: 468
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
          ETag: "0x8DC582BB046B576"
          x-ms-request-id: ca0e8e6b-b01e-00ab-6a67-28dafd000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091250Z-15b8d89586fmc8ck21zz2rtg1w00000003fg000000006rcg
          x-fd-int-roxy-purgeid: 0
          X-Cache-Info: L1_T2
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:50 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


          Session IDSource IPSource PortDestination IPDestination Port
          39192.168.2.54976313.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:50 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net
          2024-10-29 09:12:50 UTC470INHTTP/1.1 200 OK
          Date: Tue, 29 Oct 2024 09:12:50 GMT
          Content-Type: text/xml
          Content-Length: 400
          Connection: close
          Cache-Control: public, max-age=604800, immutable
          Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
          ETag: "0x8DC582BB2D62837"
          x-ms-request-id: a96fbf53-401e-0016-5d5d-2653e0000000
          x-ms-version: 2018-03-28
          x-azure-ref: 20241029T091250Z-16849878b78tg5n42kspfr0x48000000067g00000000e71d
          x-fd-int-roxy-purgeid: 0
          X-Cache: TCP_HIT
          Accept-Ranges: bytes
          2024-10-29 09:12:50 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
          Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


          Session IDSource IPSource PortDestination IPDestination Port
          40192.168.2.54976413.107.246.45443
          TimestampBytes transferredDirectionData
          2024-10-29 09:12:50 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
          Connection: Keep-Alive
          Accept-Encoding: gzip
          User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Host: otelrules.azureedge.net


          Statistics

          CPU Usage

          Click to jump to process

          Memory Usage

          Click to jump to process

          Behavior

          Click to jump to process

          System Behavior

          General

          Target ID:0
          Start time:05:12:20
          Start date:29/10/2024
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Imagebase:0x7ff715980000
          File size:3'242'272 bytes
          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:false

          General

          Target ID:2
          Start time:05:12:25
          Start date:29/10/2024
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2036,i,5810063956079547695,12832536165437259567,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
          Imagebase:0x7ff715980000
          File size:3'242'272 bytes
          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:false

          General

          Target ID:3
          Start time:05:12:28
          Start date:29/10/2024
          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
          Wow64 process (32bit):false
          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://218.4.51.20:85/sztjj/qytb.action"
          Imagebase:0x7ff715980000
          File size:3'242'272 bytes
          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:C, C++ or other language
          Reputation:low
          Has exited:true

          Disassembly

          No disassembly