Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://sandisk2.oss-ap-northeast-2.aliyuncs.com

Overview

General Information

Sample URL:https://sandisk2.oss-ap-northeast-2.aliyuncs.com
Analysis ID:1565060
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2108 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2344,i,10421940951673069483,14524485779351776960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sandisk2.oss-ap-northeast-2.aliyuncs.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://sandisk2.oss-ap-northeast-2.aliyuncs.comAvira URL Cloud: detection malicious, Label: malware
Antivirus detection for URL or domain
Source: https://sandisk2.oss-ap-northeast-2.aliyuncs.com/Avira URL Cloud: Label: malware
Source: https://sandisk2.oss-ap-northeast-2.aliyuncs.com/favicon.icoAvira URL Cloud: Label: malware
Source: unknownHTTPS traffic detected: 2.23.161.164:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.161.164:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.161.164
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: sandisk2.oss-ap-northeast-2.aliyuncs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: sandisk2.oss-ap-northeast-2.aliyuncs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sandisk2.oss-ap-northeast-2.aliyuncs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Z24EcC7PxL2NOu1&MD=YvVCBR8B HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Z24EcC7PxL2NOu1&MD=YvVCBR8B HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: sandisk2.oss-ap-northeast-2.aliyuncs.com
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: AliyunOSSDate: Fri, 29 Nov 2024 07:30:21 GMTContent-Type: application/xmlContent-Length: 375Connection: closex-oss-request-id: 67496D8DCBEF1D353385256Ax-oss-server-time: 1x-oss-ec: 0003-00000905
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: AliyunOSSDate: Fri, 29 Nov 2024 07:30:21 GMTContent-Type: application/xmlContent-Length: 385Connection: closex-oss-request-id: 67496D8DA7B08E3433277D9Ex-oss-server-time: 1x-oss-ec: 0026-00000001
Source: chromecache_42.2.drString found in binary or memory: https://api.alibabacloud.com/troubleshoot?q=0003-00000905
Source: chromecache_41.2.drString found in binary or memory: https://api.alibabacloud.com/troubleshoot?q=0026-00000001
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownHTTPS traffic detected: 2.23.161.164:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.161.164:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: classification engineClassification label: mal56.win@17/4@4/5
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2344,i,10421940951673069483,14524485779351776960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sandisk2.oss-ap-northeast-2.aliyuncs.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2344,i,10421940951673069483,14524485779351776960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://sandisk2.oss-ap-northeast-2.aliyuncs.com100%Avira URL Cloudmalware

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://api.alibabacloud.com/troubleshoot?q=0026-000000010%Avira URL Cloudsafe
https://sandisk2.oss-ap-northeast-2.aliyuncs.com/100%Avira URL Cloudmalware
https://api.alibabacloud.com/troubleshoot?q=0003-000009050%Avira URL Cloudsafe
https://sandisk2.oss-ap-northeast-2.aliyuncs.com/favicon.ico100%Avira URL Cloudmalware

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
sandisk2.oss-ap-northeast-2.aliyuncs.com
149.129.12.34
truefalse
    		unknown
    www.google.com
    		142.250.181.100
    		truefalse
      		high

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      https://sandisk2.oss-ap-northeast-2.aliyuncs.com/favicon.icotrue
      • Avira URL Cloud: malware
      		unknown
      https://sandisk2.oss-ap-northeast-2.aliyuncs.com/true
      • Avira URL Cloud: malware
      		unknown

      URLs from Memory and Binaries

      NameSourceMaliciousAntivirus DetectionReputation
      https://api.alibabacloud.com/troubleshoot?q=0026-00000001chromecache_41.2.drfalse
      • Avira URL Cloud: safe
      		unknown
      https://api.alibabacloud.com/troubleshoot?q=0003-00000905chromecache_42.2.drfalse
      • Avira URL Cloud: safe
      		unknown

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      239.255.255.250
      		unknownReserved
      		unknownunknownfalse
      149.129.12.34
      		sandisk2.oss-ap-northeast-2.aliyuncs.comSingapore
      		45102CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCfalse
      142.250.181.100
      		www.google.comUnited States
      		15169GOOGLEUSfalse

      Private

      IP
      192.168.2.4
      192.168.2.5

      General Information

      Joe Sandbox version:41.0.0 Charoite
      Analysis ID:1565060
      Start date and time:2024-11-29 08:29:18 +01:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:0h 2m 52s
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:browseurl.jbs
      Sample URL:https://sandisk2.oss-ap-northeast-2.aliyuncs.com
      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
      Number of analysed new started processes analysed:7
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • HCA enabled
      • EGA enabled
      • AMSI enabled
      Analysis Mode:default
      Analysis stop reason:Timeout
      Detection:MAL
      Classification:mal56.win@17/4@4/5
      EGA Information:Failed
      HCA Information:
      • Successful, ratio: 100%
      • Number of executed functions: 0
      • Number of non-executed functions: 0

      Warnings

      • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
      • Excluded IPs from analysis (whitelisted): 216.58.208.227, 74.125.205.84, 172.217.19.238, 34.104.35.123, 199.232.214.172, 192.229.221.95, 172.217.17.67
      • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
      • Not all processes where analyzed, report is missing behavior information
      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
      • VT rate limit hit for: https://sandisk2.oss-ap-northeast-2.aliyuncs.com

      Simulations

      Behavior and APIs

      No simulations

      Joe Sandbox View / Context

      IPs

      No context

      Domains

      No context

      ASNs

      No context

      JA3 Fingerprints

      No context

      Dropped Files

      No context

      Created / dropped Files

      Chrome Cache Entry: 41

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:XML 1.0 document, ASCII text
      Category:downloaded
      Size (bytes):385
      Entropy (8bit):5.310919814947817
      Encrypted:false
      SSDEEP:12:TMHd9vHHcZUUqofo5yMYfjfXJP4YUYaEn:2d90ZK5yM+XJP41E
      MD5:5BF9D75ADA187C1DCCE0E1277E1C39D5
      SHA1:EC6ED45F30DEDEF69722351649685601A3C640F3
      SHA-256:B14C1DB7CF84F12EC697EFCD8656F526970652D9EA73DC073E3E885DA33F0C5D
      SHA-512:0E0750A34476B6B0E352488406AED0D233BB8318123DF8BECF571DB64FD8A385F7FC5475309B36A7B3A5E4B9AFC315F24A6FBB3512149F919BF27C4F13B7220B
      Malicious:false
      Reputation:low
      URL:https://sandisk2.oss-ap-northeast-2.aliyuncs.com/favicon.ico
      Preview:<?xml version="1.0" encoding="UTF-8"?>.<Error>. <Code>NoSuchKey</Code>. <Message>The specified key does not exist.</Message>. <RequestId>67496D8DA7B08E3433277D9E</RequestId>. <HostId>sandisk2.oss-ap-northeast-2.aliyuncs.com</HostId>. <Key>favicon.ico</Key>. <EC>0026-00000001</EC>. <RecommendDoc>https://api.alibabacloud.com/troubleshoot?q=0026-00000001</RecommendDoc>.</Error>.

      Chrome Cache Entry: 42

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:XML 1.0 document, ASCII text
      Category:downloaded
      Size (bytes):375
      Entropy (8bit):5.247330802395944
      Encrypted:false
      SSDEEP:6:TMVBd/Zbv3vK3gCRTgEisF7dPMZxfXz2mWJhZW5VlSLdeVTv12XgMrm84YAVnx6v:TMHd9vfK5hes9dPq1Wfo5yUVTEXJP4Yl
      MD5:F1FB8CBA7A1983AA61E186460C9B459F
      SHA1:DB748164A2191C3C34A4BFEF8619C68BFCF49F00
      SHA-256:E17CA4342B8FEC16B5E0B039EB5EA26E6D7B6EB7DAA1D5D84F88B396AF5392D6
      SHA-512:5D0E1636E0C055F6D4C3F9CD7EB33101CECF62FF8DB4D1E5BF28F2F07B4E80F464DCFE349669DEF6E753038C18D4D146B845DAF1BE5FD51FDA832DA331E74392
      Malicious:false
      Reputation:low
      URL:https://sandisk2.oss-ap-northeast-2.aliyuncs.com/
      Preview:<?xml version="1.0" encoding="UTF-8"?>.<Error>. <Code>AccessDenied</Code>. <Message>The bucket you access does not belong to you.</Message>. <RequestId>67496D8DCBEF1D353385256A</RequestId>. <HostId>sandisk2.oss-ap-northeast-2.aliyuncs.com</HostId>. <EC>0003-00000905</EC>. <RecommendDoc>https://api.alibabacloud.com/troubleshoot?q=0003-00000905</RecommendDoc>.</Error>.

      Static File Info

      No static file info

      Network Behavior

      Network Port Distribution

      TCP Packets

      TimestampSource PortDest PortSource IPDest IP
      Nov 29, 2024 08:30:04.367014885 CET49675443192.168.2.4173.222.162.32
      Nov 29, 2024 08:30:14.131639957 CET49675443192.168.2.4173.222.162.32
      Nov 29, 2024 08:30:16.419264078 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:16.419310093 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:16.419384003 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:16.419578075 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:16.419595957 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:17.712682962 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:17.712750912 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:17.712843895 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:17.714376926 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:17.714390039 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:18.161308050 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:18.161796093 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:18.161825895 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:18.162877083 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:18.162951946 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:18.164386988 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:18.164457083 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:18.209708929 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:18.209743977 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:18.256318092 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:18.607294083 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.607352972 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:18.607527971 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.607695103 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.607747078 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:18.607872963 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.607892990 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:18.607902050 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.608086109 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:18.608102083 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:19.167781115 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.167853117 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.171581984 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.171593904 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.171865940 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.211869001 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.224880934 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.267326117 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.685755968 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.685827017 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.685972929 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.749705076 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.749735117 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.749748945 CET49738443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.749754906 CET443497382.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.814538956 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.814589024 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:19.814651966 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.814938068 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:19.814948082 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:20.958925962 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:20.959655046 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:20.959676981 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:20.960131884 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:20.960200071 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:20.960859060 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:20.960910082 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:20.965162039 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:20.965290070 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:20.965342045 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.007356882 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.012322903 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.012346983 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.058146954 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.075562000 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.075973988 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.076004982 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.076426983 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.076498985 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.077181101 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.077224970 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.077403069 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.077459097 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.119775057 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.119801998 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.165621042 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.218759060 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.218858004 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.220876932 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.220889091 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.221146107 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.222053051 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.263336897 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.535588026 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.535713911 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.535794973 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.536379099 CET49739443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.536400080 CET44349739149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.604448080 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:21.651338100 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:21.736249924 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.736370087 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.736438036 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.737147093 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.737174034 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:21.737188101 CET49741443192.168.2.42.23.161.164
      Nov 29, 2024 08:30:21.737194061 CET443497412.23.161.164192.168.2.4
      Nov 29, 2024 08:30:22.178863049 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:22.178946972 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:22.179007053 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:22.199879885 CET49740443192.168.2.4149.129.12.34
      Nov 29, 2024 08:30:22.199907064 CET44349740149.129.12.34192.168.2.4
      Nov 29, 2024 08:30:26.792309999 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:26.792346954 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:26.792593002 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:26.793796062 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:26.793811083 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:27.844300985 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:27.844363928 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:27.844728947 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:28.511900902 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:28.512149096 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:28.514967918 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:28.514977932 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:28.515271902 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:28.568475008 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:29.273597002 CET49737443192.168.2.4142.250.181.100
      Nov 29, 2024 08:30:29.273643017 CET44349737142.250.181.100192.168.2.4
      Nov 29, 2024 08:30:29.989064932 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:30.035327911 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.554944992 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555011034 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555030107 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555049896 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555088043 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555108070 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555149078 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:30.555180073 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.555198908 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:30.555234909 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:30.574141979 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.574305058 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:30.574314117 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.574409962 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:30.574470043 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:31.786144018 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:31.786190033 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:30:31.786223888 CET49742443192.168.2.420.109.210.53
      Nov 29, 2024 08:30:31.786235094 CET4434974220.109.210.53192.168.2.4
      Nov 29, 2024 08:31:07.065262079 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:07.065310001 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:07.065403938 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:07.065804958 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:07.065824032 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:08.179976940 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:08.180022001 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:08.180104971 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:08.180537939 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:08.180556059 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:08.915436029 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:08.915538073 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:08.919025898 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:08.919038057 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:08.919285059 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:08.929404974 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:08.971373081 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.408828020 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.408847094 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.408859968 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.408921003 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.408941984 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.408984900 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.608292103 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.608313084 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.608540058 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.608552933 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.608598948 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.651585102 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.651602030 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.651762962 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.651774883 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.651820898 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.797131062 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.797156096 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.797261000 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.797286034 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.797326088 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.830328941 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.830355883 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.830461025 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.830487967 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.830530882 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.851932049 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.851953030 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.852015972 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.852041960 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.852082968 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.870559931 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.870575905 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.870644093 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.870668888 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:09.870712042 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:09.884661913 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:09.884731054 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:09.886327028 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:09.886337996 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:09.886600971 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:09.897608042 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:09.943322897 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.000315905 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.000339985 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.000433922 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.000472069 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.000509977 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.016613007 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.016632080 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.016726971 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.016752005 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.016788006 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.032682896 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.032701015 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.032912016 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.032927036 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.032968998 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.048958063 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.048980951 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.049019098 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.049031019 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.049073935 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.062937975 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.062959909 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.063153028 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.063164949 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.063210011 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.078039885 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.078066111 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.078144073 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.078162909 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.078334093 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.084990978 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.085057020 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.085063934 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.085114956 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.085156918 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.085170984 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.085185051 CET49748443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.085191965 CET4434974813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.124448061 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.124491930 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.124572039 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.126853943 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.126877069 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.126887083 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.126907110 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.126930952 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.126952887 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128175020 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128204107 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.128245115 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128469944 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128483057 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.128591061 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128612995 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.128686905 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128695965 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.128798962 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.128808975 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.129724026 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.129731894 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.129776001 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.129923105 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:10.129931927 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:10.568737030 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.568766117 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.568780899 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.568862915 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.568890095 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.568933964 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.610750914 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.610801935 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.610858917 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.610868931 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.610917091 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.611093998 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.611109972 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:10.611130953 CET49749443192.168.2.420.109.210.53
      Nov 29, 2024 08:31:10.611135960 CET4434974920.109.210.53192.168.2.4
      Nov 29, 2024 08:31:11.843965054 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.844589949 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.844607115 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.845171928 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.845176935 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.845660925 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.845925093 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.845943928 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.846410036 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.846415043 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.914031982 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.914582014 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.914598942 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.915057898 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.915065050 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.915328979 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.915718079 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.915730000 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.916299105 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.916306019 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.974296093 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.974889994 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.974915981 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:11.975616932 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:11.975626945 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.283904076 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.283929110 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.284154892 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.284179926 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.284370899 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.284370899 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.284370899 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.284383059 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.284573078 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.284603119 CET4434975013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285378933 CET49750443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.285415888 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285435915 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285502911 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.285511971 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285661936 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.285670996 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285680056 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.285821915 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285850048 CET4434975313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.285881996 CET49753443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288089037 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288116932 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288121939 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.288165092 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.288188934 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288225889 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288358927 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288371086 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.288398981 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.288412094 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.358721972 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.358746052 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.358838081 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.358856916 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.358989954 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.359148979 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.359153986 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.359168053 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.359333038 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.359360933 CET4434975213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.359397888 CET49752443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.360084057 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.360146046 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.360194921 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.360330105 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.360342979 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.360356092 CET49754443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.360362053 CET4434975413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.361953974 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362005949 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.362071037 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362207890 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362217903 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.362757921 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362788916 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.362848997 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362951994 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.362963915 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.428050995 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.428128958 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.428204060 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.428426027 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.428447008 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.428457975 CET49751443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.428462982 CET4434975113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.431721926 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.431768894 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:12.431875944 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.432060957 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:12.432070017 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.068166018 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.071490049 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.071516991 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.072014093 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.072019100 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.077874899 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.078217983 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.078243017 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.078685999 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.078696966 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.083956003 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.084273100 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.084296942 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.084747076 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.084753036 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.146842003 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.147409916 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.147442102 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.148015022 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.148021936 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.186095953 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.186747074 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.186770916 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.187259912 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.187278032 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.512254953 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.512335062 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.512527943 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.512674093 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.512691021 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.512702942 CET49757443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.512707949 CET4434975713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.513645887 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.513703108 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.513763905 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.514064074 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.514072895 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.514081955 CET49758443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.514086008 CET4434975813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.517189980 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.517225027 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.517297983 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.517527103 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.517597914 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.517661095 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.517880917 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.517910004 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.518029928 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.518039942 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.518066883 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.518145084 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.518153906 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.518280029 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.518295050 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.518321037 CET49759443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.518326044 CET4434975913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.520473003 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.520486116 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.520539999 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.520705938 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.520714045 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.600209951 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.600272894 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.600518942 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.600641012 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.600656033 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.600667953 CET49756443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.600673914 CET4434975613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.603943110 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.603980064 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.604058981 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.604239941 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.604249954 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.620949030 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.621006012 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.621140003 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.621221066 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.621241093 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.621254921 CET49760443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.621260881 CET4434976013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.623987913 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.624027967 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:14.624103069 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.624243975 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:14.624255896 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.235068083 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.235476017 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.235498905 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.235924959 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.235929966 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.302438021 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.303008080 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.303021908 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.303488016 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.303493977 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.305820942 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.306163073 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.306178093 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.306616068 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.306619883 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.334076881 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:16.334120035 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:16.334193945 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:16.334451914 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:16.334462881 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:16.452290058 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.453022003 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.453047991 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.453473091 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.453478098 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.469903946 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.470307112 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.470333099 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.470655918 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.470664978 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.669433117 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.669516087 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.669737101 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.669770956 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.669786930 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.669796944 CET49761443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.669801950 CET4434976113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.672563076 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.672606945 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.672692060 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.672863960 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.672879934 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.745939970 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.746103048 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.746236086 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.746260881 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.746282101 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.746293068 CET49762443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.746298075 CET4434976213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.748918056 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.748963118 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.749037981 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.749169111 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.749183893 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.749537945 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.749711037 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.749771118 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.749793053 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.749803066 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.749811888 CET49763443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.749816895 CET4434976313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.752028942 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.752058983 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.752132893 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.752271891 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.752285957 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.905679941 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.905754089 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.905963898 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.905998945 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.905998945 CET49764443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.906018019 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.906048059 CET4434976413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.908571959 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.908608913 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.908687115 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.908839941 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.908853054 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.923784018 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.923870087 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.923994064 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.924177885 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.924194098 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.924204111 CET49765443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.924209118 CET4434976513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.926808119 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.926831007 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:16.926896095 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.927031040 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:16.927043915 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.075836897 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:18.076256990 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:18.076273918 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:18.076718092 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:18.077043056 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:18.077112913 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:18.129514933 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:18.394680023 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.395138025 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.395160913 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.395593882 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.395600080 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.469501972 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.470104933 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.470139027 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.470572948 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.470577955 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.599828005 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.600317001 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.600347996 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.600781918 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.600786924 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.755337000 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.755994081 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.756025076 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.756417036 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.756422043 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.771976948 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.772345066 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.772367001 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.772701025 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.772706032 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.830478907 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.830580950 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.830756903 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.831177950 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.831196070 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.831213951 CET49767443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.831219912 CET4434976713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.834104061 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.834150076 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.834214926 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.834350109 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.834362030 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.904182911 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.904352903 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.904447079 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.904577971 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.904596090 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.904607058 CET49769443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.904612064 CET4434976913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.907591105 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.907635927 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:18.907740116 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.907902002 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:18.907915115 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.052640915 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.052831888 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.052944899 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.053267956 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.053291082 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.053302050 CET49768443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.053308964 CET4434976813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.056447029 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.056530952 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.056636095 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.056742907 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.056762934 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.208331108 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.208414078 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.208483934 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.208667994 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.208674908 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.208705902 CET49770443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.208710909 CET4434977013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.211751938 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.211792946 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.211884975 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.212089062 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.212102890 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.225712061 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.225884914 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.226038933 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.226038933 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.226039886 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.228187084 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.228214979 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.228270054 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.228405952 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.228421926 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:19.536195040 CET49771443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:19.536205053 CET4434977113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.631036997 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.631659985 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.631691933 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.632131100 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.632136106 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.680210114 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.680636883 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.680660009 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.681073904 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.681077957 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.903876066 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.904536009 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.904558897 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.905014038 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.905020952 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.993370056 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.993926048 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.993958950 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:20.994352102 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:20.994358063 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.065155983 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.065347910 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.065412045 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.065478086 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.065499067 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.065510035 CET49773443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.065520048 CET4434977313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.068470955 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.068516016 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.068594933 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.068730116 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.068743944 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.076251984 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.076632977 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.076643944 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.077053070 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.077056885 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.133295059 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.133383036 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.133465052 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.133856058 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.133876085 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.133887053 CET49772443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.133893013 CET4434977213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.136713028 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.136744022 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.136853933 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.137012959 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.137023926 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.359209061 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.359392881 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.359467030 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.359549999 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.359561920 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.359570980 CET49774443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.359575033 CET4434977413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.362437010 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.362488985 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.362576962 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.362754107 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.362770081 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.438018084 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.438097954 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.438200951 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.438570023 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.438586950 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.438599110 CET49775443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.438604116 CET4434977513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.441529036 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.441550016 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.441644907 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.441816092 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.441828966 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.529342890 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.529432058 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.529526949 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.529808044 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.529824018 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.529843092 CET49776443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.529848099 CET4434977613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.532294989 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.532330036 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:21.532413960 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.532531977 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:21.532542944 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.855617046 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.856167078 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:22.856200933 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.856635094 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:22.856642962 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.918096066 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.919030905 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:22.919055939 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:22.919509888 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:22.919514894 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.214818954 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.215454102 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.215480089 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.215884924 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.215890884 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.222192049 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.222722054 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.222744942 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.223061085 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.223066092 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.254631042 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.255004883 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.255028963 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.255373001 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.255378008 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.299612999 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.299797058 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.299859047 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.299921036 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.299937963 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.299947977 CET49777443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.299952984 CET4434977713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.302819014 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.302850008 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.302915096 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.303049088 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.303062916 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.362353086 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.362412930 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.362464905 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.362647057 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.362660885 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.362669945 CET49778443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.362673998 CET4434977813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.365416050 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.365453959 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.365525961 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.365648031 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.365659952 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.666526079 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.666595936 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.666686058 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.666902065 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.666923046 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.666933060 CET49780443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.666939020 CET4434978013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.667237043 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.667428970 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.667484999 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.667515993 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.667536020 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.667546988 CET49779443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.667553902 CET4434977913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.669919968 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.669945002 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.669980049 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.670011044 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.670020103 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.670074940 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.670191050 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.670198917 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.670203924 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.670207977 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.689207077 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.689284086 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.689415932 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.689627886 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.689651012 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.689662933 CET49781443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.689667940 CET4434978113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.691916943 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.691936970 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:23.692019939 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.692138910 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:23.692150116 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.091207981 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.091794968 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.091826916 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.092262983 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.092267036 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.154179096 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.154614925 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.154645920 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.155034065 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.155038118 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.392004013 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.392575979 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.392591953 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.393100023 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.393105030 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.457258940 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.457758904 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.457786083 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.458364964 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.458370924 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.475807905 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.476332903 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.476344109 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.477148056 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.477153063 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.529973030 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.530057907 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.530109882 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.530308962 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.530330896 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.530342102 CET49783443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.530347109 CET4434978313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.533277035 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.533314943 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.533370018 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.533529997 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.533540010 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.606347084 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.606487989 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.606543064 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.606828928 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.606852055 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.606862068 CET49782443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.606868029 CET4434978213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.610061884 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.610100031 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.610158920 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.610300064 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.610320091 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.826684952 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.826771975 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.826930046 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.827054024 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.827075005 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.827085972 CET49785443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.827091932 CET4434978513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.830121040 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.830151081 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.830233097 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.830410004 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.830418110 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.902035952 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.902239084 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.902307987 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.902422905 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.902443886 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.902456999 CET49784443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.902462959 CET4434978413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.905457020 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.905493021 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.905589104 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.905782938 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.905797958 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.919369936 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.919528961 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.919596910 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.919632912 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.919632912 CET49786443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.919647932 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.919657946 CET4434978613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.921988010 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.922008038 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:25.922095060 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.922250032 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:25.922257900 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.249768019 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.250334024 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.250355005 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.250817060 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.250822067 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.459187984 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.459932089 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.459959984 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.460405111 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.460410118 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.676337004 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.676780939 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.676805019 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.677289963 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.677297115 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.685445070 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.685513973 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.685602903 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.685719013 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.685719013 CET49787443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.685738087 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.685745955 CET4434978713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.688206911 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.688251019 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.688338041 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.688503981 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.688513994 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.690233946 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.690566063 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.690582037 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.690977097 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.690982103 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.773654938 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.774249077 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.774277925 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.774702072 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.774707079 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.780900002 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:27.780963898 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:27.781025887 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:27.912177086 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.912271976 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.912362099 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.918627977 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.918649912 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.918659925 CET49788443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.918664932 CET4434978813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.921466112 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.921508074 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:27.921628952 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.921739101 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:27.921745062 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.130143881 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.130207062 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.130270958 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.130467892 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.130491018 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.130501032 CET49789443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.130506039 CET4434978913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.133424044 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.133461952 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.133572102 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.133742094 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.133752108 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.135066032 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.135226011 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.135284901 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.135308981 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.135324001 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.135335922 CET49790443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.135340929 CET4434979013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.137227058 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.137255907 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.137326956 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.137492895 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.137504101 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.228777885 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.228964090 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.229033947 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.229079008 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.229096889 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.229109049 CET49791443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.229119062 CET4434979113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.231758118 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.231790066 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:28.231874943 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.232031107 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:28.232047081 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.287688971 CET49766443192.168.2.4142.250.181.100
      Nov 29, 2024 08:31:29.287722111 CET44349766142.250.181.100192.168.2.4
      Nov 29, 2024 08:31:29.919570923 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.920186996 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.920211077 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.920671940 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.920675993 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.925744057 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.925762892 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.926088095 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.926100969 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.926137924 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.926143885 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.926590919 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.926594973 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.926611900 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.926616907 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.954792023 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.955339909 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.955351114 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:29.955794096 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:29.955797911 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.354715109 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.354785919 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.354846954 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.354990959 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.355012894 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.355026007 CET49794443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.355031013 CET4434979413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.357706070 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.357747078 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.357820988 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.357945919 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.357964039 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.369853973 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.370071888 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.370120049 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.370187998 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.370206118 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.370217085 CET49795443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.370222092 CET4434979513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.372414112 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.372442961 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.372508049 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.372668028 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.372679949 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.379100084 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.379249096 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.379303932 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.379333973 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.379334927 CET49793443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.379345894 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.379355907 CET4434979313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.381426096 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.381460905 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.381532907 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.381663084 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.381680012 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.388597012 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.388875961 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.388932943 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.388963938 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.388963938 CET49796443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.388972998 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.388979912 CET4434979613.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.390887976 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.390913010 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:30.390984058 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.391138077 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:30.391150951 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.140089989 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.140583992 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.140608072 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.141057968 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.141062975 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.597446918 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.597517967 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.597579956 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.600606918 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.600606918 CET49792443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.600629091 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.600637913 CET4434979213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.614512920 CET49801443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.614557981 CET4434980113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:31.614622116 CET49801443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.621604919 CET49801443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:31.621619940 CET4434980113.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.103162050 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.103751898 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.103769064 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.104214907 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.104221106 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.161253929 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.161798954 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.161822081 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.162281036 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.162287951 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.204793930 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.205349922 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.205363035 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.205892086 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.205895901 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.242893934 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.243474007 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.243489027 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.244043112 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.244048119 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.536629915 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.536791086 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.537568092 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.537568092 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.537619114 CET49799443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.537641048 CET4434979913.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.540659904 CET49802443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.540688038 CET4434980213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.540790081 CET49802443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.540988922 CET49802443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.541002035 CET4434980213.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.604197025 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.604372025 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.604540110 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.604567051 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.604578018 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.604588032 CET49798443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.604593039 CET4434979813.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.607136011 CET49803443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.607166052 CET4434980313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.607233047 CET49803443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.607402086 CET49803443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.607415915 CET4434980313.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.658094883 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.658154964 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.658271074 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.658556938 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.658572912 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.658654928 CET49797443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.658663988 CET4434979713.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.662179947 CET49804443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.662209034 CET4434980413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.662312031 CET49804443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.662436962 CET49804443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.662451982 CET4434980413.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.695735931 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.695895910 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.695960045 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.696018934 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.696027994 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.696039915 CET49800443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.696048975 CET4434980013.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.698143959 CET49805443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.698182106 CET4434980513.107.246.63192.168.2.4
      Nov 29, 2024 08:31:32.698246956 CET49805443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.698380947 CET49805443192.168.2.413.107.246.63
      Nov 29, 2024 08:31:32.698395967 CET4434980513.107.246.63192.168.2.4

      UDP Packets

      TimestampSource PortDest PortSource IPDest IP
      Nov 29, 2024 08:30:12.766693115 CET53535031.1.1.1192.168.2.4
      Nov 29, 2024 08:30:12.794771910 CET53601091.1.1.1192.168.2.4
      Nov 29, 2024 08:30:15.545094967 CET53500511.1.1.1192.168.2.4
      Nov 29, 2024 08:30:16.272844076 CET6071653192.168.2.41.1.1.1
      Nov 29, 2024 08:30:16.272964001 CET6320053192.168.2.41.1.1.1
      Nov 29, 2024 08:30:16.416327000 CET53607161.1.1.1192.168.2.4
      Nov 29, 2024 08:30:16.416347027 CET53632001.1.1.1192.168.2.4
      Nov 29, 2024 08:30:18.282517910 CET5318353192.168.2.41.1.1.1
      Nov 29, 2024 08:30:18.282784939 CET5110653192.168.2.41.1.1.1
      Nov 29, 2024 08:30:18.588396072 CET53531831.1.1.1192.168.2.4
      Nov 29, 2024 08:30:18.606687069 CET53511061.1.1.1192.168.2.4
      Nov 29, 2024 08:30:30.919619083 CET138138192.168.2.4192.168.2.255
      Nov 29, 2024 08:30:32.538784027 CET53632811.1.1.1192.168.2.4
      Nov 29, 2024 08:30:51.449693918 CET53492511.1.1.1192.168.2.4
      Nov 29, 2024 08:31:11.960761070 CET53547321.1.1.1192.168.2.4
      Nov 29, 2024 08:31:13.786163092 CET53603961.1.1.1192.168.2.4

      DNS Queries

      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
      Nov 29, 2024 08:30:16.272844076 CET192.168.2.41.1.1.10xe248Standard query (0)www.google.comA (IP address)IN (0x0001)false
      Nov 29, 2024 08:30:16.272964001 CET192.168.2.41.1.1.10xc007Standard query (0)www.google.com65IN (0x0001)false
      Nov 29, 2024 08:30:18.282517910 CET192.168.2.41.1.1.10xb302Standard query (0)sandisk2.oss-ap-northeast-2.aliyuncs.comA (IP address)IN (0x0001)false
      Nov 29, 2024 08:30:18.282784939 CET192.168.2.41.1.1.10x16d3Standard query (0)sandisk2.oss-ap-northeast-2.aliyuncs.com65IN (0x0001)false

      DNS Answers

      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
      Nov 29, 2024 08:30:16.416327000 CET1.1.1.1192.168.2.40xe248No error (0)www.google.com142.250.181.100A (IP address)IN (0x0001)false
      Nov 29, 2024 08:30:16.416347027 CET1.1.1.1192.168.2.40xc007No error (0)www.google.com65IN (0x0001)false
      Nov 29, 2024 08:30:18.588396072 CET1.1.1.1192.168.2.40xb302No error (0)sandisk2.oss-ap-northeast-2.aliyuncs.com149.129.12.34A (IP address)IN (0x0001)false

      HTTP Request Dependency Graph

      • sandisk2.oss-ap-northeast-2.aliyuncs.com
      • fs.microsoft.com
      • https:
      • slscr.update.microsoft.com
      • otelrules.azureedge.net

      HTTPS Proxied Packets

      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      0192.168.2.4497382.23.161.164443
      TimestampBytes transferredDirectionData
      2024-11-29 07:30:19 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      Accept-Encoding: identity
      User-Agent: Microsoft BITS/7.8
      Host: fs.microsoft.com
      2024-11-29 07:30:19 UTC479INHTTP/1.1 200 OK
      Content-Type: application/octet-stream
      Server: Kestrel
      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
      X-Ms-ApiVersion: Distribute 1.2
      X-Ms-Region: prod-weu-z1
      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
      X-OSID: 2
      X-CID: 2
      X-CCC: GB
      Cache-Control: public, max-age=155486
      Date: Fri, 29 Nov 2024 07:30:19 GMT
      Connection: close
      X-CID: 2


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      1192.168.2.449739149.129.12.344436092C:\Program Files\Google\Chrome\Application\chrome.exe
      TimestampBytes transferredDirectionData
      2024-11-29 07:30:20 UTC683OUTGET / HTTP/1.1
      Host: sandisk2.oss-ap-northeast-2.aliyuncs.com
      Connection: keep-alive
      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
      sec-ch-ua-mobile: ?0
      sec-ch-ua-platform: "Windows"
      Upgrade-Insecure-Requests: 1
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
      Sec-Fetch-Site: none
      Sec-Fetch-Mode: navigate
      Sec-Fetch-User: ?1
      Sec-Fetch-Dest: document
      Accept-Encoding: gzip, deflate, br
      Accept-Language: en-US,en;q=0.9
      2024-11-29 07:30:21 UTC244INHTTP/1.1 403 Forbidden
      Server: AliyunOSS
      Date: Fri, 29 Nov 2024 07:30:21 GMT
      Content-Type: application/xml
      Content-Length: 375
      Connection: close
      x-oss-request-id: 67496D8DCBEF1D353385256A
      x-oss-server-time: 1
      x-oss-ec: 0003-00000905
      2024-11-29 07:30:21 UTC375INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 45 72 72 6f 72 3e 0a 20 20 3c 43 6f 64 65 3e 41 63 63 65 73 73 44 65 6e 69 65 64 3c 2f 43 6f 64 65 3e 0a 20 20 3c 4d 65 73 73 61 67 65 3e 54 68 65 20 62 75 63 6b 65 74 20 79 6f 75 20 61 63 63 65 73 73 20 64 6f 65 73 20 6e 6f 74 20 62 65 6c 6f 6e 67 20 74 6f 20 79 6f 75 2e 3c 2f 4d 65 73 73 61 67 65 3e 0a 20 20 3c 52 65 71 75 65 73 74 49 64 3e 36 37 34 39 36 44 38 44 43 42 45 46 31 44 33 35 33 33 38 35 32 35 36 41 3c 2f 52 65 71 75 65 73 74 49 64 3e 0a 20 20 3c 48 6f 73 74 49 64 3e 73 61 6e 64 69 73 6b 32 2e 6f 73 73 2d 61 70 2d 6e 6f 72 74 68 65 61 73 74 2d 32 2e 61 6c 69 79 75 6e 63 73 2e 63 6f 6d 3c 2f 48 6f 73 74 49 64 3e 0a 20 20 3c
      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><Error> <Code>AccessDenied</Code> <Message>The bucket you access does not belong to you.</Message> <RequestId>67496D8DCBEF1D353385256A</RequestId> <HostId>sandisk2.oss-ap-northeast-2.aliyuncs.com</HostId> <


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      2192.168.2.4497412.23.161.164443
      TimestampBytes transferredDirectionData
      2024-11-29 07:30:21 UTC239OUTGET /fs/windows/config.json HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      Accept-Encoding: identity
      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
      Range: bytes=0-2147483646
      User-Agent: Microsoft BITS/7.8
      Host: fs.microsoft.com
      2024-11-29 07:30:21 UTC515INHTTP/1.1 200 OK
      ApiVersion: Distribute 1.1
      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
      Content-Type: application/octet-stream
      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
      Server: ECAcc (lpl/EF06)
      X-CID: 11
      X-Ms-ApiVersion: Distribute 1.2
      X-Ms-Region: prod-neu-z1
      Cache-Control: public, max-age=215096
      Date: Fri, 29 Nov 2024 07:30:21 GMT
      Content-Length: 55
      Connection: close
      X-CID: 2
      2024-11-29 07:30:21 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      3192.168.2.449740149.129.12.344436092C:\Program Files\Google\Chrome\Application\chrome.exe
      TimestampBytes transferredDirectionData
      2024-11-29 07:30:21 UTC636OUTGET /favicon.ico HTTP/1.1
      Host: sandisk2.oss-ap-northeast-2.aliyuncs.com
      Connection: keep-alive
      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
      sec-ch-ua-mobile: ?0
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
      sec-ch-ua-platform: "Windows"
      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
      Sec-Fetch-Site: same-origin
      Sec-Fetch-Mode: no-cors
      Sec-Fetch-Dest: image
      Referer: https://sandisk2.oss-ap-northeast-2.aliyuncs.com/
      Accept-Encoding: gzip, deflate, br
      Accept-Language: en-US,en;q=0.9
      2024-11-29 07:30:22 UTC244INHTTP/1.1 404 Not Found
      Server: AliyunOSS
      Date: Fri, 29 Nov 2024 07:30:21 GMT
      Content-Type: application/xml
      Content-Length: 385
      Connection: close
      x-oss-request-id: 67496D8DA7B08E3433277D9E
      x-oss-server-time: 1
      x-oss-ec: 0026-00000001
      2024-11-29 07:30:22 UTC385INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 45 72 72 6f 72 3e 0a 20 20 3c 43 6f 64 65 3e 4e 6f 53 75 63 68 4b 65 79 3c 2f 43 6f 64 65 3e 0a 20 20 3c 4d 65 73 73 61 67 65 3e 54 68 65 20 73 70 65 63 69 66 69 65 64 20 6b 65 79 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 2e 3c 2f 4d 65 73 73 61 67 65 3e 0a 20 20 3c 52 65 71 75 65 73 74 49 64 3e 36 37 34 39 36 44 38 44 41 37 42 30 38 45 33 34 33 33 32 37 37 44 39 45 3c 2f 52 65 71 75 65 73 74 49 64 3e 0a 20 20 3c 48 6f 73 74 49 64 3e 73 61 6e 64 69 73 6b 32 2e 6f 73 73 2d 61 70 2d 6e 6f 72 74 68 65 61 73 74 2d 32 2e 61 6c 69 79 75 6e 63 73 2e 63 6f 6d 3c 2f 48 6f 73 74 49 64 3e 0a 20 20 3c 4b 65 79 3e 66 61 76 69 63 6f 6e 2e 69 63 6f
      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><Error> <Code>NoSuchKey</Code> <Message>The specified key does not exist.</Message> <RequestId>67496D8DA7B08E3433277D9E</RequestId> <HostId>sandisk2.oss-ap-northeast-2.aliyuncs.com</HostId> <Key>favicon.ico


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      4192.168.2.44974220.109.210.53443
      TimestampBytes transferredDirectionData
      2024-11-29 07:30:29 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Z24EcC7PxL2NOu1&MD=YvVCBR8B HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
      Host: slscr.update.microsoft.com
      2024-11-29 07:30:30 UTC560INHTTP/1.1 200 OK
      Cache-Control: no-cache
      Pragma: no-cache
      Content-Type: application/octet-stream
      Expires: -1
      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
      ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
      MS-CorrelationId: f2b2a6ce-03c1-4a91-8e20-b663b5ea4157
      MS-RequestId: a4aa591f-4e7d-4a35-8d12-8636000c24ba
      MS-CV: 3OtEt/p9kU2woVDJ.0
      X-Microsoft-SLSClientCache: 2880
      Content-Disposition: attachment; filename=environment.cab
      X-Content-Type-Options: nosniff
      Date: Fri, 29 Nov 2024 07:30:29 GMT
      Connection: close
      Content-Length: 24490
      2024-11-29 07:30:30 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
      Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
      2024-11-29 07:30:30 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
      Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


      Session IDSource IPSource PortDestination IPDestination Port
      5192.168.2.44974813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:08 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:09 UTC471INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:09 GMT
      Content-Type: text/plain
      Content-Length: 218853
      Connection: close
      Vary: Accept-Encoding
      Cache-Control: public
      Last-Modified: Wed, 27 Nov 2024 15:11:14 GMT
      ETag: "0x8DD0EF5BC53602D"
      x-ms-request-id: a5a19dc6-401e-008c-1dff-4086c2000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073109Z-174f7845968qj8jrhC1EWRh41s0000000zeg00000000b5yx
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:09 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
      Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
      2024-11-29 07:31:09 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
      Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
      2024-11-29 07:31:09 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
      Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
      2024-11-29 07:31:09 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
      Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
      2024-11-29 07:31:09 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
      Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
      2024-11-29 07:31:09 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
      Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
      2024-11-29 07:31:09 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
      Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
      2024-11-29 07:31:09 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
      Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
      2024-11-29 07:31:10 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
      Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
      2024-11-29 07:31:10 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
      Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      6192.168.2.44974920.109.210.53443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:09 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Z24EcC7PxL2NOu1&MD=YvVCBR8B HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
      Host: slscr.update.microsoft.com
      2024-11-29 07:31:10 UTC560INHTTP/1.1 200 OK
      Cache-Control: no-cache
      Pragma: no-cache
      Content-Type: application/octet-stream
      Expires: -1
      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
      ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
      MS-CorrelationId: c6ab934c-30fb-4de1-b68a-153153e44f8c
      MS-RequestId: 384e5b1e-299c-4a6e-93bd-9531d7087bf8
      MS-CV: GzFcrtPaKUqVg5hX.0
      X-Microsoft-SLSClientCache: 1440
      Content-Disposition: attachment; filename=environment.cab
      X-Content-Type-Options: nosniff
      Date: Fri, 29 Nov 2024 07:31:09 GMT
      Connection: close
      Content-Length: 30005
      2024-11-29 07:31:10 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
      Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
      2024-11-29 07:31:10 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
      Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


      Session IDSource IPSource PortDestination IPDestination Port
      7192.168.2.44975013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:11 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:12 UTC494INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:12 GMT
      Content-Type: text/xml
      Content-Length: 3788
      Connection: close
      Vary: Accept-Encoding
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
      ETag: "0x8DC582BAC2126A6"
      x-ms-request-id: 0b3277ea-501e-00a0-5e91-3f9d9f000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073112Z-174f7845968cdxdrhC1EWRg0en0000000zp00000000011fb
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:12 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


      Session IDSource IPSource PortDestination IPDestination Port
      8192.168.2.44975313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:11 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:12 UTC494INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:12 GMT
      Content-Type: text/xml
      Content-Length: 2160
      Connection: close
      Vary: Accept-Encoding
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
      ETag: "0x8DC582BA3B95D81"
      x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073112Z-174f7845968frfdmhC1EWRxxbw0000000zp00000000054rg
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:12 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


      Session IDSource IPSource PortDestination IPDestination Port
      9192.168.2.44975213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:11 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:12 UTC494INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:12 GMT
      Content-Type: text/xml
      Content-Length: 2980
      Connection: close
      Vary: Accept-Encoding
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
      ETag: "0x8DC582BA80D96A1"
      x-ms-request-id: 2ca1f14f-f01e-001f-3f2a-405dc8000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073112Z-174f7845968ljs8phC1EWRe6en0000000zbg00000000a66m
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:12 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


      Session IDSource IPSource PortDestination IPDestination Port
      10192.168.2.44975413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:11 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:12 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:12 GMT
      Content-Type: text/xml
      Content-Length: 408
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
      ETag: "0x8DC582BB56D3AFB"
      x-ms-request-id: dc0e4179-901e-005b-2991-3f2005000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073112Z-174f78459688l8rvhC1EWRtzr00000000c600000000067x9
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:12 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


      Session IDSource IPSource PortDestination IPDestination Port
      11192.168.2.44975113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:11 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:12 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:12 GMT
      Content-Type: text/xml
      Content-Length: 450
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
      ETag: "0x8DC582BD4C869AE"
      x-ms-request-id: 59158d4f-901e-00a0-5491-3f6a6d000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073112Z-174f7845968vqt9xhC1EWRgten0000000zp000000000517e
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:12 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


      Session IDSource IPSource PortDestination IPDestination Port
      12192.168.2.44975713.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:14 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:14 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:14 GMT
      Content-Type: text/xml
      Content-Length: 415
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
      ETag: "0x8DC582B9F6F3512"
      x-ms-request-id: f5d49257-301e-005d-758c-3fe448000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073114Z-174f7845968kdththC1EWRzvxn0000000bz00000000057h8
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:14 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


      Session IDSource IPSource PortDestination IPDestination Port
      13192.168.2.44975813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:14 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:14 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:14 GMT
      Content-Type: text/xml
      Content-Length: 471
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
      ETag: "0x8DC582BB10C598B"
      x-ms-request-id: 30944020-a01e-0053-5e8b-3f8603000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073114Z-174f78459684bddphC1EWRbht40000000zc0000000003st7
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      14192.168.2.44975913.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:14 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:14 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:14 GMT
      Content-Type: text/xml
      Content-Length: 632
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
      ETag: "0x8DC582BB6E3779E"
      x-ms-request-id: 6f96f590-e01e-0099-0e7f-3fda8a000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073114Z-174f78459685726chC1EWRsnbg0000000zq000000000449u
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:14 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


      Session IDSource IPSource PortDestination IPDestination Port
      15192.168.2.44975613.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:14 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:14 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:14 GMT
      Content-Type: text/xml
      Content-Length: 474
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
      ETag: "0x8DC582B9964B277"
      x-ms-request-id: 8ccd6c39-f01e-0085-6e81-3f88ea000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073114Z-174f7845968psccphC1EWRuz9s0000000zv0000000006hw5
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:14 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      16192.168.2.44976013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:14 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:14 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:14 GMT
      Content-Type: text/xml
      Content-Length: 467
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
      ETag: "0x8DC582BA6C038BC"
      x-ms-request-id: 3360fb1d-601e-0097-3291-3ff33a000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073114Z-174f7845968ljs8phC1EWRe6en0000000zh0000000001zp1
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:14 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      17192.168.2.44976113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:16 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:16 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:16 GMT
      Content-Type: text/xml
      Content-Length: 486
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
      ETag: "0x8DC582BB344914B"
      x-ms-request-id: 6eac52fb-a01e-006f-2191-3f13cd000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073116Z-174f7845968cpnpfhC1EWR3afc0000000z80000000004f6v
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:16 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      18192.168.2.44976213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:16 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:16 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:16 GMT
      Content-Type: text/xml
      Content-Length: 407
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
      ETag: "0x8DC582BBAD04B7B"
      x-ms-request-id: 8778ab85-f01e-0071-75e9-41431c000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073116Z-174f7845968n2hr8hC1EWR9cag0000000zb00000000017qz
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:16 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


      Session IDSource IPSource PortDestination IPDestination Port
      19192.168.2.44976313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:16 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:16 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:16 GMT
      Content-Type: text/xml
      Content-Length: 427
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
      ETag: "0x8DC582BA310DA18"
      x-ms-request-id: c665a67d-901e-002a-1b91-3f7a27000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073116Z-174f7845968kdththC1EWRzvxn0000000c2g00000000093w
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:16 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


      Session IDSource IPSource PortDestination IPDestination Port
      20192.168.2.44976413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:16 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:16 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:16 GMT
      Content-Type: text/xml
      Content-Length: 486
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
      ETag: "0x8DC582B9018290B"
      x-ms-request-id: dc0e488f-901e-005b-3891-3f2005000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073116Z-174f7845968kvnqxhC1EWRmf3g0000000ka000000000bqa3
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:16 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      21192.168.2.44976513.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:16 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:16 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:16 GMT
      Content-Type: text/xml
      Content-Length: 407
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
      ETag: "0x8DC582B9698189B"
      x-ms-request-id: 72388ca2-901e-0029-4711-41274a000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073116Z-174f7845968n2hr8hC1EWR9cag0000000z8g000000004r3w
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:16 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


      Session IDSource IPSource PortDestination IPDestination Port
      22192.168.2.44976713.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:18 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:18 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:18 GMT
      Content-Type: text/xml
      Content-Length: 469
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
      ETag: "0x8DC582BBA701121"
      x-ms-request-id: d85cda50-501e-000a-581c-410180000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073118Z-174f7845968nxc96hC1EWRspw80000000z9g0000000088pf
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:18 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      23192.168.2.44976913.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:18 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:18 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:18 GMT
      Content-Type: text/xml
      Content-Length: 477
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
      ETag: "0x8DC582BB8CEAC16"
      x-ms-request-id: e9babc56-001e-0049-5291-3f5bd5000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073118Z-174f7845968frfdmhC1EWRxxbw0000000zq0000000003v2n
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:18 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      24192.168.2.44976813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:18 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:19 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:18 GMT
      Content-Type: text/xml
      Content-Length: 415
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
      ETag: "0x8DC582BA41997E3"
      x-ms-request-id: 106d127d-401e-008c-1a91-3f86c2000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073118Z-174f7845968frfdmhC1EWRxxbw0000000zpg000000004q1r
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:19 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


      Session IDSource IPSource PortDestination IPDestination Port
      25192.168.2.44977013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:18 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:19 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:19 GMT
      Content-Type: text/xml
      Content-Length: 464
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
      ETag: "0x8DC582B97FB6C3C"
      x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073119Z-174f7845968xr5c2hC1EWRd0hn0000000gcg000000008vam
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:19 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


      Session IDSource IPSource PortDestination IPDestination Port
      26192.168.2.44977113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:18 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:19 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:19 GMT
      Content-Type: text/xml
      Content-Length: 494
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
      ETag: "0x8DC582BB7010D66"
      x-ms-request-id: 3fc8b732-401e-0083-1091-3f075c000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073119Z-174f784596886s2bhC1EWR743w0000000zs0000000001mxm
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:19 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      27192.168.2.44977313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:20 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:21 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:20 GMT
      Content-Type: text/xml
      Content-Length: 472
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
      ETag: "0x8DC582B9DACDF62"
      x-ms-request-id: b18988de-c01e-0079-2891-3fe51a000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073120Z-174f7845968kdththC1EWRzvxn0000000bz00000000057pv
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:21 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      28192.168.2.44977213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:20 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:21 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:20 GMT
      Content-Type: text/xml
      Content-Length: 419
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
      ETag: "0x8DC582B9748630E"
      x-ms-request-id: 7e299a61-c01e-0049-0c07-41ac27000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073120Z-174f7845968glpgnhC1EWR7uec0000000zu00000000031mt
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:21 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


      Session IDSource IPSource PortDestination IPDestination Port
      29192.168.2.44977413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:20 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:21 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:21 GMT
      Content-Type: text/xml
      Content-Length: 404
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
      ETag: "0x8DC582B9E8EE0F3"
      x-ms-request-id: f5c4af5a-301e-005d-6385-3fe448000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073121Z-174f7845968qj8jrhC1EWRh41s0000000zmg000000002krt
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:21 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


      Session IDSource IPSource PortDestination IPDestination Port
      30192.168.2.44977513.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:20 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:21 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:21 GMT
      Content-Type: text/xml
      Content-Length: 468
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
      ETag: "0x8DC582B9C8E04C8"
      x-ms-request-id: f5817373-b01e-003e-3591-3f8e41000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073121Z-174f7845968kdththC1EWRzvxn0000000bwg000000008wm4
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:21 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      31192.168.2.44977613.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:21 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:21 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:21 GMT
      Content-Type: text/xml
      Content-Length: 428
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
      ETag: "0x8DC582BAC4F34CA"
      x-ms-request-id: b254496e-901e-0016-2991-3fefe9000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073121Z-174f7845968px8v7hC1EWR08ng0000000zy0000000001z63
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:21 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


      Session IDSource IPSource PortDestination IPDestination Port
      32192.168.2.44977713.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:22 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:23 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:23 GMT
      Content-Type: text/xml
      Content-Length: 499
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
      ETag: "0x8DC582B98CEC9F6"
      x-ms-request-id: 89e88ad2-001e-0065-4491-3f0b73000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073123Z-174f78459685m244hC1EWRgp2c0000000zag00000000bxsv
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:23 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      33192.168.2.44977813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:22 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:23 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:23 GMT
      Content-Type: text/xml
      Content-Length: 415
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
      ETag: "0x8DC582B988EBD12"
      x-ms-request-id: f440c5dc-801e-0047-7891-3f7265000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073123Z-174f7845968swgbqhC1EWRmnb40000000zu00000000037ab
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:23 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


      Session IDSource IPSource PortDestination IPDestination Port
      34192.168.2.44977913.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:23 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:23 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:23 GMT
      Content-Type: text/xml
      Content-Length: 471
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
      ETag: "0x8DC582BB5815C4C"
      x-ms-request-id: 6c824192-201e-0051-0a91-3f7340000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073123Z-174f7845968l4kp6hC1EWRe8840000000zug0000000072pt
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:23 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      35192.168.2.44978013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:23 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:23 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:23 GMT
      Content-Type: text/xml
      Content-Length: 419
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
      ETag: "0x8DC582BB32BB5CB"
      x-ms-request-id: c3d74fa2-201e-0003-1d91-3ff85a000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073123Z-174f7845968kvnqxhC1EWRmf3g0000000kfg0000000020m0
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:23 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


      Session IDSource IPSource PortDestination IPDestination Port
      36192.168.2.44978113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:23 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:23 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:23 GMT
      Content-Type: text/xml
      Content-Length: 494
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
      ETag: "0x8DC582BB8972972"
      x-ms-request-id: a4f00822-e01e-0033-081e-414695000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073123Z-174f7845968n2hr8hC1EWR9cag0000000z90000000004gfp
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:23 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      37192.168.2.44978313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:25 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:25 UTC491INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:25 GMT
      Content-Type: text/xml
      Content-Length: 472
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
      ETag: "0x8DC582B9D43097E"
      x-ms-request-id: feaf0f62-e01e-0071-4f14-4208e7000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073125Z-174f78459685726chC1EWRsnbg0000000zp0000000005a45
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      X-Cache-Info: L1_T2
      Accept-Ranges: bytes
      2024-11-29 07:31:25 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      38192.168.2.44978213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:25 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:25 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:25 GMT
      Content-Type: text/xml
      Content-Length: 420
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
      ETag: "0x8DC582B9DAE3EC0"
      x-ms-request-id: d3507608-601e-003d-4b91-3f6f25000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073125Z-174f7845968qj8jrhC1EWRh41s0000000zpg0000000001ra
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:25 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


      Session IDSource IPSource PortDestination IPDestination Port
      39192.168.2.44978513.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:25 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:25 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:25 GMT
      Content-Type: text/xml
      Content-Length: 427
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
      ETag: "0x8DC582BA909FA21"
      x-ms-request-id: 9832b288-801e-002a-5afe-4131dc000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073125Z-174f7845968px8v7hC1EWR08ng0000000zv0000000006pxd
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:25 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


      Session IDSource IPSource PortDestination IPDestination Port
      40192.168.2.44978413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:25 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:25 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:25 GMT
      Content-Type: text/xml
      Content-Length: 486
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
      ETag: "0x8DC582B92FCB436"
      x-ms-request-id: 56bedb93-201e-0033-7607-41b167000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073125Z-174f7845968swgbqhC1EWRmnb40000000zt0000000004m5z
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:25 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      41192.168.2.44978613.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:25 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:25 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:25 GMT
      Content-Type: text/xml
      Content-Length: 423
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
      ETag: "0x8DC582BB7564CE8"
      x-ms-request-id: b56a1ebf-a01e-003d-5b56-4198d7000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073125Z-174f7845968pf68xhC1EWRr4h80000000zv0000000005vfn
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:25 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


      Session IDSource IPSource PortDestination IPDestination Port
      42192.168.2.44978713.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:27 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:27 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:27 GMT
      Content-Type: text/xml
      Content-Length: 478
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
      ETag: "0x8DC582B9B233827"
      x-ms-request-id: 1fa1b817-401e-0067-5691-3f09c2000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073127Z-174f7845968xlwnmhC1EWR0sv80000000zk0000000000hht
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:27 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      43192.168.2.44978813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:27 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:27 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:27 GMT
      Content-Type: text/xml
      Content-Length: 404
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
      ETag: "0x8DC582B95C61A3C"
      x-ms-request-id: 5685fe29-701e-0098-4071-40395f000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073127Z-174f7845968cdxdrhC1EWRg0en0000000zf000000000akkk
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:27 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


      Session IDSource IPSource PortDestination IPDestination Port
      44192.168.2.44978913.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:27 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:28 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:27 GMT
      Content-Type: text/xml
      Content-Length: 468
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
      ETag: "0x8DC582BB046B576"
      x-ms-request-id: be7987d0-001e-0034-1e91-3fdd04000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073127Z-174f7845968j6t2phC1EWRcfe80000000zsg000000006dc0
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:28 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      45192.168.2.44979013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:27 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:28 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:27 GMT
      Content-Type: text/xml
      Content-Length: 400
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
      ETag: "0x8DC582BB2D62837"
      x-ms-request-id: 4506793e-f01e-0071-0b15-41431c000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073127Z-174f7845968jrjrxhC1EWRmmrs0000000zsg0000000044qt
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:28 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


      Session IDSource IPSource PortDestination IPDestination Port
      46192.168.2.44979113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:27 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:28 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:28 GMT
      Content-Type: text/xml
      Content-Length: 479
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
      ETag: "0x8DC582BB7D702D0"
      x-ms-request-id: dc74b407-801e-0015-423a-40f97f000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073128Z-174f7845968glpgnhC1EWR7uec0000000zvg0000000019mv
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:28 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      47192.168.2.44979413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:29 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:30 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:30 GMT
      Content-Type: text/xml
      Content-Length: 448
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
      ETag: "0x8DC582BB389F49B"
      x-ms-request-id: e14f358b-d01e-007a-5d7e-3ff38c000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073130Z-174f7845968kvnqxhC1EWRmf3g0000000keg000000003r7y
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:30 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


      Session IDSource IPSource PortDestination IPDestination Port
      48192.168.2.44979513.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:29 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:30 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:30 GMT
      Content-Type: text/xml
      Content-Length: 491
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
      ETag: "0x8DC582B98B88612"
      x-ms-request-id: 5cf18591-601e-000d-7e91-3f2618000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073130Z-174f7845968cdxdrhC1EWRg0en0000000zkg000000004kmb
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:30 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      49192.168.2.44979313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:29 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:30 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:30 GMT
      Content-Type: text/xml
      Content-Length: 475
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
      ETag: "0x8DC582BB2BE84FD"
      x-ms-request-id: e4738428-701e-006f-2050-41afc4000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073130Z-174f7845968pght8hC1EWRyvxg00000002q0000000008x83
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:30 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      50192.168.2.44979613.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:29 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:30 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:30 GMT
      Content-Type: text/xml
      Content-Length: 416
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
      ETag: "0x8DC582BAEA4B445"
      x-ms-request-id: 3fc8ca9f-401e-0083-6c91-3f075c000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073130Z-174f7845968xlwnmhC1EWR0sv80000000zbg000000009p70
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:30 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


      Session IDSource IPSource PortDestination IPDestination Port
      51192.168.2.44979213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:31 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:31 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:31 GMT
      Content-Type: text/xml
      Content-Length: 425
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
      ETag: "0x8DC582BBA25094F"
      x-ms-request-id: cb9203b6-501e-0029-2691-3fd0b8000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073131Z-174f7845968xr5c2hC1EWRd0hn0000000ghg000000001s9k
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:31 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


      Session IDSource IPSource PortDestination IPDestination Port
      52192.168.2.44979913.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:32 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:32 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:32 GMT
      Content-Type: text/xml
      Content-Length: 471
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
      ETag: "0x8DC582B97E6FCDD"
      x-ms-request-id: 691d9d27-b01e-0070-2a0b-411cc0000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073132Z-174f7845968qj8jrhC1EWRh41s0000000zg0000000008fym
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:32 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      53192.168.2.44979813.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:32 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:32 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:32 GMT
      Content-Type: text/xml
      Content-Length: 415
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
      ETag: "0x8DC582BA80D96A1"
      x-ms-request-id: b24172ee-901e-0016-3789-3fefe9000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073132Z-174f7845968px8v7hC1EWR08ng0000000zyg000000001a96
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:32 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


      Session IDSource IPSource PortDestination IPDestination Port
      54192.168.2.44979713.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:32 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:32 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:32 GMT
      Content-Type: text/xml
      Content-Length: 479
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
      ETag: "0x8DC582B989EE75B"
      x-ms-request-id: 59a03737-a01e-00ab-1891-3f9106000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073132Z-174f7845968l4kp6hC1EWRe8840000000zvg000000005w8k
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:32 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      55192.168.2.44980013.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:32 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:32 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:32 GMT
      Content-Type: text/xml
      Content-Length: 419
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
      ETag: "0x8DC582B9C710B28"
      x-ms-request-id: 320a0aa9-e01e-003c-0635-41c70b000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073132Z-174f7845968pght8hC1EWRyvxg00000002ng00000000b67t
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:32 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


      Session IDSource IPSource PortDestination IPDestination Port
      56192.168.2.44980113.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:33 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net
      2024-11-29 07:31:33 UTC470INHTTP/1.1 200 OK
      Date: Fri, 29 Nov 2024 07:31:33 GMT
      Content-Type: text/xml
      Content-Length: 477
      Connection: close
      Cache-Control: public, max-age=604800, immutable
      Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
      ETag: "0x8DC582BA54DCC28"
      x-ms-request-id: e297b188-201e-0000-7a1b-41a537000000
      x-ms-version: 2018-03-28
      x-azure-ref: 20241129T073133Z-174f784596886s2bhC1EWR743w0000000zkg000000008vzp
      x-fd-int-roxy-purgeid: 0
      X-Cache: TCP_HIT
      Accept-Ranges: bytes
      2024-11-29 07:31:33 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


      Session IDSource IPSource PortDestination IPDestination Port
      57192.168.2.44980213.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:34 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net


      Session IDSource IPSource PortDestination IPDestination Port
      58192.168.2.44980313.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:34 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net


      Session IDSource IPSource PortDestination IPDestination Port
      59192.168.2.44980413.107.246.63443
      TimestampBytes transferredDirectionData
      2024-11-29 07:31:34 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
      Connection: Keep-Alive
      Accept-Encoding: gzip
      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
      Host: otelrules.azureedge.net


      Statistics

      CPU Usage

      Click to jump to process

      Memory Usage

      Click to jump to process

      Behavior

      Click to jump to process

      System Behavior

      General

      Target ID:0
      Start time:02:30:07
      Start date:29/11/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
      Imagebase:0x7ff76e190000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:false

      General

      Target ID:2
      Start time:02:30:10
      Start date:29/11/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2344,i,10421940951673069483,14524485779351776960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Imagebase:0x7ff76e190000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:false

      General

      Target ID:3
      Start time:02:30:16
      Start date:29/11/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sandisk2.oss-ap-northeast-2.aliyuncs.com"
      Imagebase:0x7ff76e190000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:true

      Disassembly

      No disassembly