Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://papyrefb2tdk6czd.onion.ly

Overview

General Information

Sample URL:http://papyrefb2tdk6czd.onion.ly
Analysis ID:1566500
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Sigma detected: DNS Query Tor .Onion Address - Sysmon
Uses TOR for connection hidding

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 4624 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6112 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1984,i,1036302302117657355,12748891474908838162,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://papyrefb2tdk6czd.onion.ly" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Sigma detected: DNS Query Tor .Onion Address - Sysmon
Source: DNS queryAuthor: frack113: Data: Image: C:\Program Files\Google\Chrome\Application\chrome.exe, QueryName: papyrefb2tdk6czd.onion.ly

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49785 version: TLS 1.2

Networking

barindex
Uses TOR for connection hidding
Source: unknownDNS query: name: papyrefb2tdk6czd.onion.ly
Source: unknownDNS query: name: papyrefb2tdk6czd.onion.ly
Source: unknownDNS query: name: papyrefb2tdk6czd.onion.ly
Source: unknownDNS query: name: papyrefb2tdk6czd.onion.ly
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.198.57
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.198.57
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=9xm+SxA2C+MApuF&MD=xRcsoohR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=9xm+SxA2C+MApuF&MD=xRcsoohR HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: papyrefb2tdk6czd.onion.lyConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: papyrefb2tdk6czd.onion.lyConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://papyrefb2tdk6czd.onion.ly/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: papyrefb2tdk6czd.onion.lyConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: papyrefb2tdk6czd.onion.ly
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49785 version: TLS 1.2
Source: classification engineClassification label: mal48.troj.win@16/5@6/4
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1984,i,1036302302117657355,12748891474908838162,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://papyrefb2tdk6czd.onion.ly"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1984,i,1036302302117657355,12748891474908838162,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Multi-hop Proxy		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA SecretsInternet Connection DiscoverySSHKeylogging1
Proxy		Scheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain CredentialsWi-Fi DiscoveryVNCGUI Input Capture1
Ingress Tool Transfer		Data Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://papyrefb2tdk6czd.onion.ly0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://papyrefb2tdk6czd.onion.ly/favicon.ico0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
www.google.com
142.250.181.68
truefalse
    		high
    papyrefb2tdk6czd.onion.ly
    		198.251.88.129
    		truetrue
      		unknown

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      http://papyrefb2tdk6czd.onion.ly/favicon.icofalse
      • Avira URL Cloud: safe
      		unknown
      http://papyrefb2tdk6czd.onion.ly/false
        		unknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        198.251.88.129
        		papyrefb2tdk6czd.onion.lyUnited States
        		53667PONYNETUStrue
        239.255.255.250
        		unknownReserved
        		unknownunknownfalse
        142.250.181.68
        		www.google.comUnited States
        		15169GOOGLEUSfalse

        Private

        IP
        192.168.2.4

        General Information

        Joe Sandbox version:41.0.0 Charoite
        Analysis ID:1566500
        Start date and time:2024-12-02 10:44:27 +01:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 2m 49s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:http://papyrefb2tdk6czd.onion.ly
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:7
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:MAL
        Classification:mal48.troj.win@16/5@6/4
        EGA Information:Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0

        Warnings

        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 172.217.19.227, 172.217.17.46, 64.233.165.84, 34.104.35.123, 199.232.210.172, 192.229.221.95, 172.217.17.35
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
        • Not all processes where analyzed, report is missing behavior information
        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
        • VT rate limit hit for: http://papyrefb2tdk6czd.onion.ly

        Simulations

        Behavior and APIs

        No simulations

        Joe Sandbox View / Context

        IPs

        No context

        Domains

        No context

        ASNs

        No context

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        Chrome Cache Entry: 40

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, max speed, from Unix, truncated
        Category:downloaded
        Size (bytes):25
        Entropy (8bit):1.704381457724494
        Encrypted:false
        SSDEEP:3:FttYaXt:XtYa9
        MD5:12CC7ED4A6B046EECC2F0D56C270592E
        SHA1:605BA817C55FAF8B6716D75356A7B94DA4F3050F
        SHA-256:6B50CD1AF83A4A38BB32DA05CB7AEEEA70CE2F1B442805EBFD713A2AD8FF0A48
        SHA-512:D70645035D2DD10E6D1A7FF77C507D516F36EFD9C43157C9AFA3B9397CCE957D23F751068DAE3A1219249199819441858C0CF1658783229A5A7BCDA388F977B7
        Malicious:false
        Reputation:low
        URL:http://papyrefb2tdk6czd.onion.ly/favicon.ico
        Preview:.........................

        Chrome Cache Entry: 41

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, max speed, from Unix, truncated
        Category:downloaded
        Size (bytes):25
        Entropy (8bit):1.704381457724494
        Encrypted:false
        SSDEEP:3:FttYaXt:XtYa9
        MD5:12CC7ED4A6B046EECC2F0D56C270592E
        SHA1:605BA817C55FAF8B6716D75356A7B94DA4F3050F
        SHA-256:6B50CD1AF83A4A38BB32DA05CB7AEEEA70CE2F1B442805EBFD713A2AD8FF0A48
        SHA-512:D70645035D2DD10E6D1A7FF77C507D516F36EFD9C43157C9AFA3B9397CCE957D23F751068DAE3A1219249199819441858C0CF1658783229A5A7BCDA388F977B7
        Malicious:false
        Reputation:low
        URL:http://papyrefb2tdk6czd.onion.ly/
        Preview:.........................

        Chrome Cache Entry: 42

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, max speed, from Unix, truncated
        Category:dropped
        Size (bytes):25
        Entropy (8bit):1.704381457724494
        Encrypted:false
        SSDEEP:3:FttYaXt:XtYa9
        MD5:12CC7ED4A6B046EECC2F0D56C270592E
        SHA1:605BA817C55FAF8B6716D75356A7B94DA4F3050F
        SHA-256:6B50CD1AF83A4A38BB32DA05CB7AEEEA70CE2F1B442805EBFD713A2AD8FF0A48
        SHA-512:D70645035D2DD10E6D1A7FF77C507D516F36EFD9C43157C9AFA3B9397CCE957D23F751068DAE3A1219249199819441858C0CF1658783229A5A7BCDA388F977B7
        Malicious:false
        Reputation:low
        Preview:.........................

        Static File Info

        No static file info

        Network Behavior

        Network Port Distribution

        TCP Packets

        TimestampSource PortDest PortSource IPDest IP
        Dec 2, 2024 10:45:11.123425007 CET49675443192.168.2.4173.222.162.32
        Dec 2, 2024 10:45:20.778078079 CET49675443192.168.2.4173.222.162.32
        Dec 2, 2024 10:45:23.622195005 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:23.622267962 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:23.622351885 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:23.622708082 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:23.622745037 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:24.650060892 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:24.650096893 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:24.650185108 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:24.651887894 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:24.651901007 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:25.365319014 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:25.365683079 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:25.365720034 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:25.366776943 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:25.366839886 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:25.368674994 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:25.368746996 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:25.411518097 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:25.411550045 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:25.454668999 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:26.000108004 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:26.000614882 CET4974080192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:26.120230913 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:26.120527029 CET8049740198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:26.120528936 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:26.120584965 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:26.120640039 CET4974080192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:26.130861044 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.131129026 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.133611917 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.133620977 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.133876085 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.174005985 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.219326973 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.240786076 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:26.662213087 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.662269115 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.662334919 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.662568092 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.662585974 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.662600994 CET49738443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.662606955 CET4434973823.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.693686008 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.693775892 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:26.693860054 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.694168091 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:26.694217920 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:27.643409967 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:27.684802055 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:27.805021048 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:28.162408113 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.162512064 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.163798094 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.163816929 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.164025068 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.165091991 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.207334995 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.338736057 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:28.388261080 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.486829996 CET4974280192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.606846094 CET4974380192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.606977940 CET8049742198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:28.607049942 CET4974280192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.607207060 CET4974280192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.702090979 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.702155113 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.702318907 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.702992916 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.702992916 CET49741443192.168.2.423.218.208.109
        Dec 2, 2024 10:45:28.703058958 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.703088999 CET4434974123.218.208.109192.168.2.4
        Dec 2, 2024 10:45:28.726787090 CET8049743198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:28.726866961 CET4974380192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:28.727073908 CET8049742198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:30.220926046 CET8049742198.251.88.129192.168.2.4
        Dec 2, 2024 10:45:30.262521029 CET4974280192.168.2.4198.251.88.129
        Dec 2, 2024 10:45:33.779480934 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:33.779544115 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:33.779666901 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:33.780879021 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:33.780900002 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:35.050682068 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:35.050734997 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:35.050812960 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:35.541059017 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:35.541286945 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:35.544488907 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:35.544498920 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:35.544725895 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:35.593421936 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:36.014980078 CET49737443192.168.2.4142.250.181.68
        Dec 2, 2024 10:45:36.015054941 CET44349737142.250.181.68192.168.2.4
        Dec 2, 2024 10:45:37.051230907 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:37.095333099 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635449886 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635487080 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635493994 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635504007 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635534048 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635682106 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:37.635682106 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:37.635714054 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.635766983 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:37.658974886 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.659061909 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:37.659070969 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.659080982 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:37.659223080 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:38.865875006 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:38.865920067 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:38.865942955 CET49744443192.168.2.420.109.210.53
        Dec 2, 2024 10:45:38.865950108 CET4434974420.109.210.53192.168.2.4
        Dec 2, 2024 10:45:41.268373013 CET4972380192.168.2.42.19.198.57
        Dec 2, 2024 10:45:41.388654947 CET80497232.19.198.57192.168.2.4
        Dec 2, 2024 10:45:41.388755083 CET4972380192.168.2.42.19.198.57
        Dec 2, 2024 10:46:11.123744011 CET4974080192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:11.243758917 CET8049740198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:13.340902090 CET4973980192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:13.461097956 CET8049739198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:13.731446981 CET4974380192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:13.909348965 CET8049743198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:15.145158052 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:15.145266056 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:15.145339012 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:15.145735025 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:15.145783901 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:15.232049942 CET4974280192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:15.352040052 CET8049742198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:16.170903921 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:16.170928001 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:16.170994997 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:16.171288013 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:16.171303034 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:16.901664972 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:16.901902914 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:16.905363083 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:16.905401945 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:16.905656099 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:16.913876057 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:16.959328890 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.604465008 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.604485035 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.604496956 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.604691982 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.604744911 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.604809999 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644275904 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.644320965 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.644370079 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.644454002 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644454002 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644454002 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644516945 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644552946 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:17.644577980 CET49750443192.168.2.420.109.210.53
        Dec 2, 2024 10:46:17.644594908 CET4434975020.109.210.53192.168.2.4
        Dec 2, 2024 10:46:18.077860117 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.077943087 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.079379082 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.079386950 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.079618931 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.086664915 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.131330013 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.577728033 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.577749014 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.577763081 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.577940941 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.577956915 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.578015089 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.774312019 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.774331093 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.774540901 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.774558067 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.774609089 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.829274893 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.829296112 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.829482079 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.829489946 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.829544067 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.959058046 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.959076881 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.959152937 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.959162951 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.959198952 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.990524054 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.990540028 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.990605116 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:18.990616083 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:18.990659952 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.012837887 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.012854099 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.012927055 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.012939930 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.012993097 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.033123016 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.033147097 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.033195972 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.033204079 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.033252954 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.165010929 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.165039062 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.165081024 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.165088892 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.165127993 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.165146112 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.179658890 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.179673910 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.179713011 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.179725885 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.179768085 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.179785967 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.194554090 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.194569111 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.194606066 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.194612980 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.194645882 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.194664001 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.207259893 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.207273960 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.207317114 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.207323074 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.207360029 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.207370996 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.222018957 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.222033024 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.222074986 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.222080946 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.222127914 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.236018896 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.236032009 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.236082077 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.236089945 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.236134052 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242146969 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.242198944 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242204905 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.242233992 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.242247105 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242270947 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242326975 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242341042 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.242357016 CET49751443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.242362976 CET4434975113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.292505026 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.292593002 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.292675018 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.293797016 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.293844938 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.293917894 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.299468994 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.299493074 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.299565077 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303261042 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303299904 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303425074 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303436041 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303486109 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303571939 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303590059 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303669930 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303683996 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303688049 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303730011 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303770065 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303802013 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303827047 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:19.303894043 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:19.303905964 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.385113955 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.385746002 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.385802984 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.386121035 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.386132002 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.386141062 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.386394024 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.386411905 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.386714935 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.386720896 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.448852062 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.449101925 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.449390888 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.449408054 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.449714899 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.449722052 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.449907064 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.449934006 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.450253010 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.450258017 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.513281107 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.513931990 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.514012098 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.514385939 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.514401913 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.822335958 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.822415113 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.822570086 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.822613955 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.822628021 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.822642088 CET49753443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.822654963 CET4434975313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825156927 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825179100 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825261116 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825306892 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825361967 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825455904 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825476885 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825488091 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825532913 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825535059 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825603962 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825666904 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825699091 CET4434975213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825728893 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.825742960 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.825752020 CET49752443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.827672005 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.827706099 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.827776909 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.827892065 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.827907085 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.895519972 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.895566940 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.895644903 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.895759106 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.895778894 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.895793915 CET49755443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.895801067 CET4434975513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.897689104 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.897728920 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.897799969 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.897939920 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.897953033 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899338961 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899353981 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899396896 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.899408102 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899559975 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.899570942 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899579048 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.899684906 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899712086 CET4434975613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.899749994 CET49756443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.901371956 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.901401043 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.901463032 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.901592016 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.901606083 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972151995 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972178936 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972353935 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.972419024 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972496033 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.972531080 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.972553968 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972650051 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.972752094 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972778082 CET4434975413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.972829103 CET49754443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.974540949 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.974575996 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:21.974644899 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.974772930 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:21.974786043 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.545981884 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:23.546071053 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:23.546201944 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:23.546467066 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:23.546504021 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:23.574067116 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.574537039 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.574563026 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.574976921 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.574981928 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.607250929 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.607546091 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.607580900 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.607871056 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.607877016 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.612715006 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.612938881 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.612966061 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.613215923 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.613219976 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.679563999 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.680052996 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.680073977 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.680377007 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.680386066 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.794173956 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.794503927 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.794523954 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:23.794848919 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:23.794853926 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.009118080 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.009192944 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.009260893 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.009398937 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.009416103 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.009434938 CET49758443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.009439945 CET4434975813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.012032986 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.012062073 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.012145042 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.012285948 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.012298107 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.047888041 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.047936916 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.047988892 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.048125029 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.048139095 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.048150063 CET49760443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.048156023 CET4434976013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.050229073 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.050251007 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.050318003 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.050425053 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.050436974 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.052356005 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.052408934 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.052457094 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.052567005 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.052582026 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.052619934 CET49759443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.052625895 CET4434975913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.054261923 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.054280996 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.054358006 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.054465055 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.054481030 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.124636889 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.124691963 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.124747038 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.124883890 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.124902964 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.124917030 CET49761443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.124922991 CET4434976113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.126893997 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.126907110 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.126971006 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.127104044 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.127115965 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.238632917 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.238689899 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.238740921 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.238930941 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.238944054 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.238951921 CET49762443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.238955975 CET4434976213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.240984917 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.241075039 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:24.241161108 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.241287947 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:24.241326094 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.235919952 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:25.236284971 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:25.236351013 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:25.236721039 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:25.237095118 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:25.237174034 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:25.278493881 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:25.796670914 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.797164917 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.797184944 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.797588110 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.797594070 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.831020117 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.831535101 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.831552982 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.831964970 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.831969976 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.898797035 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.899138927 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.899156094 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.899523020 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.899528027 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.911953926 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.914366007 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.914391041 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:25.914771080 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:25.914777040 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.087579012 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.088213921 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.088284969 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.088548899 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.088562965 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.240189075 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.240284920 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.240370989 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.240567923 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.240588903 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.240598917 CET49764443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.240602970 CET4434976413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.242940903 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.242983103 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.243062973 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.243171930 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.243187904 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.276770115 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.276829004 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.276959896 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.276988029 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.277002096 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.277012110 CET49765443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.277017117 CET4434976513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.279483080 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.279563904 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.279647112 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.279733896 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.279769897 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.352524042 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.352576971 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.352735043 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.352762938 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.352778912 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.352787971 CET49766443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.352792025 CET4434976613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.354876995 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.354931116 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.355011940 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.355159044 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.355176926 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.356642008 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.356694937 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.356808901 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.356833935 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.356842041 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.356851101 CET49767443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.356854916 CET4434976713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.358618975 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.358654976 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.358711958 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.358839989 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.358850956 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.543124914 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.543201923 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.543387890 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.543603897 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.543658972 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.543692112 CET49768443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.543706894 CET4434976813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.546564102 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.546608925 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:26.546691895 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.546849966 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:26.546865940 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:27.248625994 CET8049740198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:27.248703957 CET4974080192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:28.015028954 CET4974080192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:28.040994883 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.041476965 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.041490078 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.041928053 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.041930914 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.061861038 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.062319994 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.062370062 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.062617064 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.062625885 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.134937048 CET8049740198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:28.135565042 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.135981083 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.136003971 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.136476040 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.136481047 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.203233004 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.203644037 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.203660965 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.204026937 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.204030991 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.393094063 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.393517971 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.393549919 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.393955946 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.393960953 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.485368967 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.485433102 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.485476971 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.485603094 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.485615015 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.485624075 CET49769443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.485629082 CET4434976913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.488312960 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.488356113 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.488418102 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.488543034 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.488554955 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.505292892 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.505359888 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.505418062 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.505530119 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.505530119 CET49770443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.505573034 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.505615950 CET4434977013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.507623911 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.507651091 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.507705927 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.507854939 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.507869959 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.579560995 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.579616070 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.579663038 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.579756975 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.579772949 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.579782963 CET49771443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.579788923 CET4434977113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.581998110 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.582012892 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.582067966 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.582187891 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.582206011 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.657054901 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.657104015 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.657171011 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.657296896 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.657306910 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.657316923 CET49772443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.657320976 CET4434977213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.659085989 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.659169912 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.659243107 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.659353971 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.659387112 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.847647905 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.847717047 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.847834110 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.848016977 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.848040104 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.848056078 CET49773443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.848061085 CET4434977313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.850882053 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.850930929 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:28.851016998 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.851176977 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:28.851188898 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:29.851258993 CET8049743198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:29.851341009 CET4974380192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:30.014841080 CET4974380192.168.2.4198.251.88.129
        Dec 2, 2024 10:46:30.349085093 CET8049743198.251.88.129192.168.2.4
        Dec 2, 2024 10:46:30.353302002 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.353373051 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.353535891 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.353799105 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.353821993 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.353840113 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.353868008 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.354270935 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.354275942 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.354300976 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.354307890 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.354564905 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.354592085 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.354887009 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.354896069 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.773958921 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.774480104 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.774549007 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.774903059 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.774920940 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788017988 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788081884 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788149118 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.788400888 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.788419008 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788429022 CET49776443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.788434029 CET4434977613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788933992 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.788989067 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.789030075 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.789092064 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.789119005 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.789133072 CET49774443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.789138079 CET4434977413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.791268110 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791325092 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.791353941 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791384935 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791385889 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.791436911 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791574001 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791575909 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.791590929 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.791594028 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.797415018 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.797470093 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.797513008 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.797585964 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.797595024 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.797602892 CET49775443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.797606945 CET4434977513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.799309969 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.799350023 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.799415112 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.799524069 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.799535036 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.916455030 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.916846991 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.916871071 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:30.917283058 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:30.917296886 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.228430986 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.228486061 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.228538990 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.228712082 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.228760004 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.228792906 CET49777443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.228809118 CET4434977713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.231164932 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.231201887 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.231266022 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.231472969 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.231487036 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.371017933 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.371092081 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.371135950 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.371329069 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.371347904 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.371357918 CET49778443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.371366024 CET4434977813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.375585079 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.375623941 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:31.375674009 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.375845909 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:31.375857115 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.534306049 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.534846067 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.534872055 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.535260916 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.535268068 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.637644053 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.638081074 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.638113022 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.638175964 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.638425112 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.638485909 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.638487101 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.638490915 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.638861895 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.638875961 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.979168892 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.979243040 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.979296923 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.979475975 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.979496002 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.979506016 CET49781443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.979511976 CET4434978113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.982430935 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.982479095 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:32.982548952 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.982676983 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:32.982692003 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.012278080 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.012799978 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.012818098 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.013225079 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.013228893 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.091481924 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.091550112 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.091610909 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.091708899 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.091725111 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.091733932 CET49780443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.091737986 CET4434978013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.092147112 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.092204094 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.092262983 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.092696905 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.092698097 CET49779443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.092741966 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.092768908 CET4434977913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.094646931 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094692945 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.094749928 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094758034 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094764948 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.094815969 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094880104 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094892025 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.094953060 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.094963074 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.221523046 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.221951962 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.221971035 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.222390890 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.222394943 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.456551075 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.456604004 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.456659079 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.456846952 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.456856966 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.456868887 CET49782443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.456872940 CET4434978213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.459446907 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.459471941 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.459707022 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.459707022 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.459733009 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.676528931 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.676584959 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.676630020 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.676825047 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.676846027 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.676855087 CET49783443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.676860094 CET4434978313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.679402113 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.679435015 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:33.679516077 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.679691076 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:33.679701090 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.762615919 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.763246059 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.763271093 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.763729095 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.763734102 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.813743114 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.814435959 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.814443111 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.814856052 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.814858913 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.889909983 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.890394926 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.890428066 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.890827894 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:34.890836954 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:34.942065001 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:34.942131042 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:34.942325115 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:35.206607103 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.206671953 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.206738949 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.207029104 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.207055092 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.207067013 CET49784443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.207072973 CET4434978413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.210323095 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.210355043 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.210441113 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.210570097 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.210577011 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.241595984 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.242043972 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.242075920 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.242507935 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.242518902 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.249049902 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.249113083 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.249218941 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.249238014 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.249243021 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.249254942 CET49786443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.249259949 CET4434978613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.251035929 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.251064062 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.251121998 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.251220942 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.251230955 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.334465027 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.334516048 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.334698915 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.334729910 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.334729910 CET49785443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.334748983 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.334758997 CET4434978513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.336488962 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.336508989 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.336575031 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.336684942 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.336695910 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.459443092 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.460010052 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.460032940 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.460489035 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.460494041 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.686125994 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.686182022 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.686233997 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.686423063 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.686441898 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.686450958 CET49787443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.686456919 CET4434978713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.689169884 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.689225912 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.689299107 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.689476013 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.689490080 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.905438900 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.905503035 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.905558109 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.905730963 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.905744076 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.905752897 CET49788443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.905757904 CET4434978813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.908571959 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.908621073 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:35.908713102 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.908843994 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:35.908858061 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.015043020 CET49763443192.168.2.4142.250.181.68
        Dec 2, 2024 10:46:36.015100956 CET44349763142.250.181.68192.168.2.4
        Dec 2, 2024 10:46:36.926083088 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.926641941 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:36.926656961 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.927131891 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:36.927135944 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.968780041 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.969259024 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:36.969273090 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:36.969830036 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:36.969835043 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.051860094 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.052499056 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.052527905 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.052936077 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.052941084 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.360999107 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.361059904 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.361097097 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.361268044 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.361280918 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.361289978 CET49789443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.361294031 CET4434978913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.364145994 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.364183903 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.364249945 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.364407063 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.364422083 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.405337095 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.405405045 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.405464888 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.405621052 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.405632973 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.405643940 CET49790443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.405648947 CET4434979013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.408138990 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.408175945 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.408237934 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.408368111 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.408381939 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.486908913 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.486980915 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.487019062 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.487122059 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.487134933 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.487143993 CET49791443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.487149000 CET4434979113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.489336967 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.489356995 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.489423990 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.489563942 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.489576101 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.534408092 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.534791946 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.534807920 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.535362005 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.535367012 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.688713074 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.689182997 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.689205885 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.689624071 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.689629078 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.988636971 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.988687038 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.988874912 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.988914967 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.988914967 CET49792443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.988935947 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.988944054 CET4434979213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.991282940 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.991309881 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:37.991379023 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.991502047 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:37.991513014 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.132999897 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.133065939 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.133312941 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.133357048 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.133357048 CET49793443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.133373976 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.133383989 CET4434979313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.136080027 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.136111975 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:38.136183977 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.136326075 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:38.136338949 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.145239115 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.145761013 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.145787001 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.146224976 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.146233082 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.169192076 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.169502974 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.169536114 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.169835091 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.169840097 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.270030022 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.270500898 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.270520926 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.271059990 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.271066904 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.590071917 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.590140104 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.590396881 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.590498924 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.590523005 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.590534925 CET49794443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.590542078 CET4434979413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.593489885 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.593518019 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.593607903 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.593748093 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.593755007 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.604902983 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.604979038 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.605052948 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.605215073 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.605215073 CET49795443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.605230093 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.605238914 CET4434979513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.606954098 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.606983900 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.607043982 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.607153893 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.607162952 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.714699984 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.714776039 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.714823961 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.715069056 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.715069056 CET49796443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.715085983 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.715094090 CET4434979613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.716861963 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.716955900 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.717041016 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.717143059 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.717181921 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.861706972 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.862476110 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.862494946 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.862903118 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.862906933 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.980829000 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.981179953 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.981201887 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:39.981592894 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:39.981597900 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.315879107 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.315953016 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.316009998 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.316179037 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.316199064 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.316207886 CET49797443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.316212893 CET4434979713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.319879055 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.319926023 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.319983006 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.320278883 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.320296049 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.434633970 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.434700012 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.434746027 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.435499907 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.435516119 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.435527086 CET49798443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.435532093 CET4434979813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.440901041 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.440948963 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:40.441013098 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.441195011 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:40.441219091 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.378046036 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.378602982 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.378612041 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.379103899 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.379112959 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.387717962 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.388076067 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.388091087 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.388411045 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.388416052 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.507256985 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.507745981 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.507780075 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.508219004 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.508224964 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.822226048 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.822293997 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.822349072 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.822546959 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.822561979 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.822571039 CET49799443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.822576046 CET4434979913.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.825257063 CET49804443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.825306892 CET4434980413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.825388908 CET49804443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.825551033 CET49804443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.825566053 CET4434980413.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.831681013 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.831756115 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.831803083 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.831877947 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.831891060 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.831899881 CET49800443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.831904888 CET4434980013.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.834124088 CET49805443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.834163904 CET4434980513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.834235907 CET49805443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.834346056 CET49805443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.834356070 CET4434980513.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.951221943 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.951324940 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.951389074 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.951623917 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.951625109 CET49801443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.951668024 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.951694965 CET4434980113.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.954562902 CET49806443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.954600096 CET4434980613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:41.954665899 CET49806443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.954812050 CET49806443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:41.954829931 CET4434980613.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.101608992 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.102034092 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.102072001 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.102489948 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.102495909 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.288152933 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.288682938 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.288721085 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.289378881 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.289385080 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.546525002 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.546576977 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.546622992 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.546802044 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.546821117 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.546830893 CET49802443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.546835899 CET4434980213.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.549453020 CET49807443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.549493074 CET4434980713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.549556971 CET49807443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.549716949 CET49807443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.549735069 CET4434980713.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.743083954 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.743150949 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.743340969 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.743498087 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.743518114 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.743530035 CET49803443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.743535042 CET4434980313.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.746115923 CET49808443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.746140003 CET4434980813.107.246.63192.168.2.4
        Dec 2, 2024 10:46:42.746330976 CET49808443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.746499062 CET49808443192.168.2.413.107.246.63
        Dec 2, 2024 10:46:42.746509075 CET4434980813.107.246.63192.168.2.4

        UDP Packets

        TimestampSource PortDest PortSource IPDest IP
        Dec 2, 2024 10:45:19.679584980 CET53597181.1.1.1192.168.2.4
        Dec 2, 2024 10:45:19.694099903 CET53495531.1.1.1192.168.2.4
        Dec 2, 2024 10:45:22.705269098 CET53611531.1.1.1192.168.2.4
        Dec 2, 2024 10:45:23.483171940 CET6535153192.168.2.41.1.1.1
        Dec 2, 2024 10:45:23.483290911 CET5763153192.168.2.41.1.1.1
        Dec 2, 2024 10:45:23.620953083 CET53576311.1.1.1192.168.2.4
        Dec 2, 2024 10:45:23.621334076 CET53653511.1.1.1192.168.2.4
        Dec 2, 2024 10:45:25.137080908 CET5278753192.168.2.41.1.1.1
        Dec 2, 2024 10:45:25.139615059 CET6398853192.168.2.41.1.1.1
        Dec 2, 2024 10:45:25.945554018 CET53527871.1.1.1192.168.2.4
        Dec 2, 2024 10:45:26.083738089 CET53639881.1.1.1192.168.2.4
        Dec 2, 2024 10:45:28.343679905 CET5444953192.168.2.41.1.1.1
        Dec 2, 2024 10:45:28.343822002 CET6331853192.168.2.41.1.1.1
        Dec 2, 2024 10:45:28.481661081 CET53633181.1.1.1192.168.2.4
        Dec 2, 2024 10:45:28.481893063 CET53544491.1.1.1192.168.2.4
        Dec 2, 2024 10:45:39.667131901 CET53615601.1.1.1192.168.2.4
        Dec 2, 2024 10:45:39.956064939 CET138138192.168.2.4192.168.2.255
        Dec 2, 2024 10:45:58.387389898 CET53639651.1.1.1192.168.2.4
        Dec 2, 2024 10:46:19.806401968 CET53492931.1.1.1192.168.2.4
        Dec 2, 2024 10:46:20.932729959 CET53590891.1.1.1192.168.2.4

        ICMP Packets

        TimestampSource IPDest IPChecksumCodeType
        Dec 2, 2024 10:45:26.083864927 CET192.168.2.41.1.1.1c231(Port unreachable)Destination Unreachable

        DNS Queries

        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Dec 2, 2024 10:45:23.483171940 CET192.168.2.41.1.1.10x1913Standard query (0)www.google.comA (IP address)IN (0x0001)false
        Dec 2, 2024 10:45:23.483290911 CET192.168.2.41.1.1.10x929cStandard query (0)www.google.com65IN (0x0001)false
        Dec 2, 2024 10:45:25.137080908 CET192.168.2.41.1.1.10xf5eaStandard query (0)papyrefb2tdk6czd.onion.lyA (IP address)IN (0x0001)false
        Dec 2, 2024 10:45:25.139615059 CET192.168.2.41.1.1.10x40e5Standard query (0)papyrefb2tdk6czd.onion.ly65IN (0x0001)false
        Dec 2, 2024 10:45:28.343679905 CET192.168.2.41.1.1.10x2644Standard query (0)papyrefb2tdk6czd.onion.lyA (IP address)IN (0x0001)false
        Dec 2, 2024 10:45:28.343822002 CET192.168.2.41.1.1.10xd2b5Standard query (0)papyrefb2tdk6czd.onion.ly65IN (0x0001)false

        DNS Answers

        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Dec 2, 2024 10:45:23.620953083 CET1.1.1.1192.168.2.40x929cNo error (0)www.google.com65IN (0x0001)false
        Dec 2, 2024 10:45:23.621334076 CET1.1.1.1192.168.2.40x1913No error (0)www.google.com142.250.181.68A (IP address)IN (0x0001)false
        Dec 2, 2024 10:45:25.945554018 CET1.1.1.1192.168.2.40xf5eaNo error (0)papyrefb2tdk6czd.onion.ly198.251.88.129A (IP address)IN (0x0001)false
        Dec 2, 2024 10:45:28.481893063 CET1.1.1.1192.168.2.40x2644No error (0)papyrefb2tdk6czd.onion.ly198.251.88.129A (IP address)IN (0x0001)false

        HTTP Request Dependency Graph

        • fs.microsoft.com
        • slscr.update.microsoft.com
        • otelrules.azureedge.net
        • papyrefb2tdk6czd.onion.ly

        HTTP Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.449739198.251.88.129806112C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Dec 2, 2024 10:45:26.120584965 CET440OUTGET / HTTP/1.1
        Host: papyrefb2tdk6czd.onion.ly
        Connection: keep-alive
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Dec 2, 2024 10:45:27.643409967 CET257INHTTP/1.1 200 OK
        Server: nginx/1.18.0
        Date: Mon, 02 Dec 2024 09:44:42 GMT
        Content-Type: text/html; charset=UTF-8
        Transfer-Encoding: chunked
        Connection: keep-alive
        Vary: Accept-Encoding
        Content-Encoding: gzip
        Data Raw: 66 0d 0a 1f 8b 08 00 00 00 00 00 04 03 00 00 00 ff ff 0d 0a 61 0d 0a 03 00 00 00 00 00 00 00 00 00 0d 0a 30 0d 0a 0d 0a
        Data Ascii: fa0
        Dec 2, 2024 10:45:27.684802055 CET394OUTGET /favicon.ico HTTP/1.1
        Host: papyrefb2tdk6czd.onion.ly
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Referer: http://papyrefb2tdk6czd.onion.ly/
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Dec 2, 2024 10:45:28.338736057 CET257INHTTP/1.1 200 OK
        Server: nginx/1.18.0
        Date: Mon, 02 Dec 2024 09:44:43 GMT
        Content-Type: text/html; charset=UTF-8
        Transfer-Encoding: chunked
        Connection: keep-alive
        Vary: Accept-Encoding
        Content-Encoding: gzip
        Data Raw: 66 0d 0a 1f 8b 08 00 00 00 00 00 04 03 00 00 00 ff ff 0d 0a 61 0d 0a 03 00 00 00 00 00 00 00 00 00 0d 0a 30 0d 0a 0d 0a
        Data Ascii: fa0
        Dec 2, 2024 10:46:13.340902090 CET6OUTData Raw: 00
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.2.449742198.251.88.129806112C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Dec 2, 2024 10:45:28.607207060 CET289OUTGET /favicon.ico HTTP/1.1
        Host: papyrefb2tdk6czd.onion.ly
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: */*
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Dec 2, 2024 10:45:30.220926046 CET257INHTTP/1.1 200 OK
        Server: nginx/1.18.0
        Date: Mon, 02 Dec 2024 09:44:44 GMT
        Content-Type: text/html; charset=UTF-8
        Transfer-Encoding: chunked
        Connection: keep-alive
        Vary: Accept-Encoding
        Content-Encoding: gzip
        Data Raw: 66 0d 0a 1f 8b 08 00 00 00 00 00 04 03 00 00 00 ff ff 0d 0a 61 0d 0a 03 00 00 00 00 00 00 00 00 00 0d 0a 30 0d 0a 0d 0a
        Data Ascii: fa0
        Dec 2, 2024 10:46:15.232049942 CET6OUTData Raw: 00
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.2.449740198.251.88.129806112C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Dec 2, 2024 10:46:11.123744011 CET6OUTData Raw: 00
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        3192.168.2.449743198.251.88.129806112C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Dec 2, 2024 10:46:13.731446981 CET6OUTData Raw: 00
        Data Ascii:


        HTTPS Proxied Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.44973823.218.208.109443
        TimestampBytes transferredDirectionData
        2024-12-02 09:45:26 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-12-02 09:45:26 UTC479INHTTP/1.1 200 OK
        Content-Type: application/octet-stream
        Server: Kestrel
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        X-Ms-ApiVersion: Distribute 1.2
        X-Ms-Region: prod-weu-z1
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        X-OSID: 2
        X-CID: 2
        X-CCC: GB
        Cache-Control: public, max-age=121274
        Date: Mon, 02 Dec 2024 09:45:26 GMT
        Connection: close
        X-CID: 2


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.2.44974123.218.208.109443
        TimestampBytes transferredDirectionData
        2024-12-02 09:45:28 UTC239OUTGET /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
        Range: bytes=0-2147483646
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-12-02 09:45:28 UTC535INHTTP/1.1 200 OK
        Content-Type: application/octet-stream
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        ApiVersion: Distribute 1.1
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
        Cache-Control: public, max-age=181196
        Date: Mon, 02 Dec 2024 09:45:28 GMT
        Content-Length: 55
        Connection: close
        X-CID: 2
        2024-12-02 09:45:28 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.2.44974420.109.210.53443
        TimestampBytes transferredDirectionData
        2024-12-02 09:45:37 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=9xm+SxA2C+MApuF&MD=xRcsoohR HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
        Host: slscr.update.microsoft.com
        2024-12-02 09:45:37 UTC560INHTTP/1.1 200 OK
        Cache-Control: no-cache
        Pragma: no-cache
        Content-Type: application/octet-stream
        Expires: -1
        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
        MS-CorrelationId: 581e7635-d5ab-425c-8260-7ccc5c878213
        MS-RequestId: 8cdda774-66d4-46a7-a5a7-8b2b2a6a6a35
        MS-CV: 8qi4yVOs8ES2gwbP.0
        X-Microsoft-SLSClientCache: 2880
        Content-Disposition: attachment; filename=environment.cab
        X-Content-Type-Options: nosniff
        Date: Mon, 02 Dec 2024 09:45:36 GMT
        Connection: close
        Content-Length: 24490
        2024-12-02 09:45:37 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
        2024-12-02 09:45:37 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        3192.168.2.44975020.109.210.53443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:16 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=9xm+SxA2C+MApuF&MD=xRcsoohR HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
        Host: slscr.update.microsoft.com
        2024-12-02 09:46:17 UTC560INHTTP/1.1 200 OK
        Cache-Control: no-cache
        Pragma: no-cache
        Content-Type: application/octet-stream
        Expires: -1
        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
        ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
        MS-CorrelationId: 3b93edbe-1b3c-462c-bdc5-0cf462de8198
        MS-RequestId: bf6b8182-80f1-4777-bef5-94fd5dc9ac71
        MS-CV: XrFqoB72eU2Kf/ab.0
        X-Microsoft-SLSClientCache: 1440
        Content-Disposition: attachment; filename=environment.cab
        X-Content-Type-Options: nosniff
        Date: Mon, 02 Dec 2024 09:46:16 GMT
        Connection: close
        Content-Length: 30005
        2024-12-02 09:46:17 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
        Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
        2024-12-02 09:46:17 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
        Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        4192.168.2.44975113.107.246.634436112C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:18 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:18 UTC471INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:18 GMT
        Content-Type: text/plain
        Content-Length: 218853
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public
        Last-Modified: Fri, 29 Nov 2024 23:15:49 GMT
        ETag: "0x8DD10CBC2E3B852"
        x-ms-request-id: 82d9e4b2-501e-007b-3a87-435ba2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094618Z-174f7845968pf68xhC1EWRr4h800000014kg000000001scf
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:18 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
        Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
        2024-12-02 09:46:18 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
        Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
        2024-12-02 09:46:18 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
        Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
        2024-12-02 09:46:18 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
        Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
        2024-12-02 09:46:18 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
        Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
        2024-12-02 09:46:19 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
        Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
        2024-12-02 09:46:19 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
        Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
        2024-12-02 09:46:19 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
        Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
        2024-12-02 09:46:19 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
        Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
        2024-12-02 09:46:19 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
        Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


        Session IDSource IPSource PortDestination IPDestination Port
        5192.168.2.44975213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:21 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:21 UTC494INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:21 GMT
        Content-Type: text/xml
        Content-Length: 2980
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
        ETag: "0x8DC582BA80D96A1"
        x-ms-request-id: 663f4ef8-b01e-0053-4c19-44cdf8000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094621Z-174f7845968frfdmhC1EWRxxbw000000146g000000008ny0
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:21 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


        Session IDSource IPSource PortDestination IPDestination Port
        6192.168.2.44975313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:21 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:21 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:21 GMT
        Content-Type: text/xml
        Content-Length: 450
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
        ETag: "0x8DC582BD4C869AE"
        x-ms-request-id: e2494acb-201e-0003-0207-42f85a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094621Z-174f7845968j6t2phC1EWRcfe800000014c0000000005r8h
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:21 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


        Session IDSource IPSource PortDestination IPDestination Port
        7192.168.2.44975513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:21 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:21 UTC491INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:21 GMT
        Content-Type: text/xml
        Content-Length: 408
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
        ETag: "0x8DC582BB56D3AFB"
        x-ms-request-id: 2c78b3d6-001e-0017-21e0-430c3c000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094621Z-174f78459688l8rvhC1EWRtzr00000000gwg000000003c3a
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-12-02 09:46:21 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        8192.168.2.44975613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:21 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:21 UTC494INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:21 GMT
        Content-Type: text/xml
        Content-Length: 2160
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
        ETag: "0x8DC582BA3B95D81"
        x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094621Z-174f7845968glpgnhC1EWR7uec00000014c00000000061q6
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:21 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


        Session IDSource IPSource PortDestination IPDestination Port
        9192.168.2.44975413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:21 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:21 UTC494INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:21 GMT
        Content-Type: text/xml
        Content-Length: 3788
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
        ETag: "0x8DC582BAC2126A6"
        x-ms-request-id: 0b3277ea-501e-00a0-5e91-3f9d9f000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094621Z-174f78459688l8rvhC1EWRtzr00000000gv0000000004vpp
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:21 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


        Session IDSource IPSource PortDestination IPDestination Port
        10192.168.2.44975813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:23 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:24 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:23 GMT
        Content-Type: text/xml
        Content-Length: 474
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
        ETag: "0x8DC582B9964B277"
        x-ms-request-id: 8ccd6c39-f01e-0085-6e81-3f88ea000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094623Z-174f78459688l8rvhC1EWRtzr00000000gvg0000000043ga
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:24 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        11192.168.2.44975913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:23 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:24 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:23 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
        ETag: "0x8DC582B9F6F3512"
        x-ms-request-id: e1e1876a-701e-0001-22c7-43b110000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094623Z-174f7845968zgtf6hC1EWRqd8s0000000x5g0000000065rw
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:24 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        12192.168.2.44976013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:23 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:24 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:23 GMT
        Content-Type: text/xml
        Content-Length: 471
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
        ETag: "0x8DC582BB10C598B"
        x-ms-request-id: 30944020-a01e-0053-5e8b-3f8603000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094623Z-174f7845968px8v7hC1EWR08ng00000014k0000000002nvc
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:24 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        13192.168.2.44976113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:23 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:24 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:23 GMT
        Content-Type: text/xml
        Content-Length: 632
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
        ETag: "0x8DC582BB6E3779E"
        x-ms-request-id: f20189e0-201e-005d-0f7c-43afb3000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094623Z-174f7845968frfdmhC1EWRxxbw00000014d0000000000qqc
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:24 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


        Session IDSource IPSource PortDestination IPDestination Port
        14192.168.2.44976213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:23 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:24 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:24 GMT
        Content-Type: text/xml
        Content-Length: 467
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
        ETag: "0x8DC582BA6C038BC"
        x-ms-request-id: c220f382-901e-0029-3552-43274a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094624Z-174f7845968swgbqhC1EWRmnb400000014a0000000008m2q
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:24 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        15192.168.2.44976413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:25 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:26 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:26 GMT
        Content-Type: text/xml
        Content-Length: 407
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
        ETag: "0x8DC582BBAD04B7B"
        x-ms-request-id: ed9dfa2a-401e-0015-7891-3f0e8d000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094626Z-174f7845968kdththC1EWRzvxn0000000gp0000000002rrx
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:26 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        16192.168.2.44976513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:25 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:26 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:26 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
        ETag: "0x8DC582BB344914B"
        x-ms-request-id: 6eac52fb-a01e-006f-2191-3f13cd000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094626Z-174f7845968kvnqxhC1EWRmf3g0000000r30000000003b2k
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:26 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        17192.168.2.44976613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:25 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:26 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:26 GMT
        Content-Type: text/xml
        Content-Length: 427
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
        ETag: "0x8DC582BA310DA18"
        x-ms-request-id: c665a67d-901e-002a-1b91-3f7a27000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094626Z-174f7845968cpnpfhC1EWR3afc00000013wg000000004epq
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:26 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        18192.168.2.44976713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:25 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:26 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:26 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
        ETag: "0x8DC582B9018290B"
        x-ms-request-id: 1383167b-401e-008c-1f3c-4486c2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094626Z-174f784596886s2bhC1EWR743w000000145g00000000a099
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:26 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        19192.168.2.44976813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:26 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:26 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:26 GMT
        Content-Type: text/xml
        Content-Length: 407
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
        ETag: "0x8DC582B9698189B"
        x-ms-request-id: 8339b61c-e01e-00aa-5413-42ceda000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094626Z-174f7845968kvnqxhC1EWRmf3g0000000r5g00000000099y
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:26 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        20192.168.2.44976913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:28 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:28 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:28 GMT
        Content-Type: text/xml
        Content-Length: 469
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
        ETag: "0x8DC582BBA701121"
        x-ms-request-id: a11b7610-d01e-00ad-11d5-43e942000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094628Z-174f78459684bddphC1EWRbht4000000143g0000000000t4
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:28 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        21192.168.2.44977013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:28 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:28 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:28 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
        ETag: "0x8DC582BA41997E3"
        x-ms-request-id: 4b7a7cb4-201e-000c-0405-4179c4000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094628Z-174f7845968pght8hC1EWRyvxg00000007dg000000003u6x
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:28 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        22192.168.2.44977113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:28 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:28 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:28 GMT
        Content-Type: text/xml
        Content-Length: 477
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
        ETag: "0x8DC582BB8CEAC16"
        x-ms-request-id: e9babc56-001e-0049-5291-3f5bd5000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094628Z-174f7845968px8v7hC1EWR08ng00000014d0000000009q5m
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:28 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        23192.168.2.44977213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:28 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:28 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:28 GMT
        Content-Type: text/xml
        Content-Length: 464
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
        ETag: "0x8DC582B97FB6C3C"
        x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094628Z-174f78459684bddphC1EWRbht400000013x00000000086g2
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:28 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


        Session IDSource IPSource PortDestination IPDestination Port
        24192.168.2.44977313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:28 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:28 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:28 GMT
        Content-Type: text/xml
        Content-Length: 494
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
        ETag: "0x8DC582BB7010D66"
        x-ms-request-id: 738c1948-001e-0082-4aa8-425880000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094628Z-174f78459684db9fhC1EWRc7g40000000460000000008cpz
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:28 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        25192.168.2.44977413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:30 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:30 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:30 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
        ETag: "0x8DC582B9748630E"
        x-ms-request-id: 6704fd4e-701e-0050-16f6-416767000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094630Z-174f7845968kvnqxhC1EWRmf3g0000000r5g0000000009ck
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:30 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        26192.168.2.44977613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:30 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:30 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:30 GMT
        Content-Type: text/xml
        Content-Length: 404
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
        ETag: "0x8DC582B9E8EE0F3"
        x-ms-request-id: 3f7caad5-701e-006f-6962-43afc4000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094630Z-174f7845968glpgnhC1EWR7uec00000014f0000000002c4e
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:30 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


        Session IDSource IPSource PortDestination IPDestination Port
        27192.168.2.44977513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:30 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:30 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:30 GMT
        Content-Type: text/xml
        Content-Length: 472
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
        ETag: "0x8DC582B9DACDF62"
        x-ms-request-id: b18988de-c01e-0079-2891-3fe51a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094630Z-174f7845968zgtf6hC1EWRqd8s0000000x40000000008eg3
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:30 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        28192.168.2.44977713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:30 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:31 UTC491INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:31 GMT
        Content-Type: text/xml
        Content-Length: 468
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
        ETag: "0x8DC582B9C8E04C8"
        x-ms-request-id: 5181e575-b01e-001e-206f-430214000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094631Z-174f7845968cpnpfhC1EWR3afc00000013y0000000002eey
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-12-02 09:46:31 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        29192.168.2.44977813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:30 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:31 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:31 GMT
        Content-Type: text/xml
        Content-Length: 428
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
        ETag: "0x8DC582BAC4F34CA"
        x-ms-request-id: 7732d518-401e-0035-4c64-4482d8000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094631Z-174f78459685m244hC1EWRgp2c00000014300000000049w3
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:31 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        30192.168.2.44978113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:32 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:32 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:32 GMT
        Content-Type: text/xml
        Content-Length: 471
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
        ETag: "0x8DC582BB5815C4C"
        x-ms-request-id: 6c824192-201e-0051-0a91-3f7340000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094632Z-174f7845968xr5c2hC1EWRd0hn0000000nzg0000000094gd
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:32 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        31192.168.2.44978013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:32 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:33 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:32 GMT
        Content-Type: text/xml
        Content-Length: 499
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
        ETag: "0x8DC582B98CEC9F6"
        x-ms-request-id: f843b097-901e-00ac-53c3-43b69e000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094632Z-174f7845968glpgnhC1EWR7uec00000014f0000000002c5c
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:33 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        32192.168.2.44977913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:32 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:33 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:32 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
        ETag: "0x8DC582B988EBD12"
        x-ms-request-id: 5aec2b48-201e-0085-7d6b-4334e3000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094632Z-174f7845968kdththC1EWRzvxn0000000gkg000000005w4k
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:33 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        33192.168.2.44978213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:33 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:33 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:33 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
        ETag: "0x8DC582BB32BB5CB"
        x-ms-request-id: 2132beec-901e-00ac-46aa-42b69e000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094633Z-174f7845968psccphC1EWRuz9s00000014eg000000006ue9
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:33 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        34192.168.2.44978313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:33 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:33 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:33 GMT
        Content-Type: text/xml
        Content-Length: 494
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
        ETag: "0x8DC582BB8972972"
        x-ms-request-id: 1e31e9ea-701e-0098-028a-43395f000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094633Z-174f78459684bddphC1EWRbht400000014000000000049d7
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:33 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        35192.168.2.44978413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:34 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:35 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:35 GMT
        Content-Type: text/xml
        Content-Length: 420
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
        ETag: "0x8DC582B9DAE3EC0"
        x-ms-request-id: d3507608-601e-003d-4b91-3f6f25000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094635Z-174f78459688l8rvhC1EWRtzr00000000gwg000000003cbs
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:35 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


        Session IDSource IPSource PortDestination IPDestination Port
        36192.168.2.44978613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:34 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:35 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:35 GMT
        Content-Type: text/xml
        Content-Length: 427
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
        ETag: "0x8DC582BA909FA21"
        x-ms-request-id: b5d3fb3c-c01e-000b-6fb4-42e255000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094635Z-174f7845968px8v7hC1EWR08ng00000014gg000000004yp2
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:35 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        37192.168.2.44978513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:34 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:35 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:35 GMT
        Content-Type: text/xml
        Content-Length: 472
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
        ETag: "0x8DC582B9D43097E"
        x-ms-request-id: c0407c6d-d01e-0082-369d-43e489000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094635Z-174f7845968jrjrxhC1EWRmmrs00000014dg000000003g0f
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:35 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        38192.168.2.44978713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:35 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:35 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:35 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
        ETag: "0x8DC582B92FCB436"
        x-ms-request-id: 716ae074-c01e-0046-576f-432db9000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094635Z-174f7845968jrjrxhC1EWRmmrs00000014cg000000004dwh
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:35 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        39192.168.2.44978813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:35 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:35 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:35 GMT
        Content-Type: text/xml
        Content-Length: 423
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
        ETag: "0x8DC582BB7564CE8"
        x-ms-request-id: 9dc9d887-801e-0015-73b3-42f97f000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094635Z-174f7845968px8v7hC1EWR08ng00000014cg000000009zcz
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:35 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


        Session IDSource IPSource PortDestination IPDestination Port
        40192.168.2.44978913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:36 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:37 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:37 GMT
        Content-Type: text/xml
        Content-Length: 478
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
        ETag: "0x8DC582B9B233827"
        x-ms-request-id: 1fa1b817-401e-0067-5691-3f09c2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094637Z-174f7845968kdththC1EWRzvxn0000000gg0000000009pt1
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:37 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        41192.168.2.44979013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:36 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:37 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:37 GMT
        Content-Type: text/xml
        Content-Length: 404
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
        ETag: "0x8DC582B95C61A3C"
        x-ms-request-id: 13e6cbbb-001e-005a-04a3-43c3d0000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094637Z-174f7845968n2hr8hC1EWR9cag00000013t0000000009xaw
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:37 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


        Session IDSource IPSource PortDestination IPDestination Port
        42192.168.2.44979113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:37 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:37 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:37 GMT
        Content-Type: text/xml
        Content-Length: 468
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
        ETag: "0x8DC582BB046B576"
        x-ms-request-id: be7987d0-001e-0034-1e91-3fdd04000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094637Z-174f7845968kvnqxhC1EWRmf3g0000000r20000000004dg4
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:37 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        43192.168.2.44979213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:37 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:37 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:37 GMT
        Content-Type: text/xml
        Content-Length: 400
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
        ETag: "0x8DC582BB2D62837"
        x-ms-request-id: 6760f0bc-801e-002a-1f91-3f31dc000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094637Z-174f7845968kvnqxhC1EWRmf3g0000000qzg000000007sr9
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:37 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


        Session IDSource IPSource PortDestination IPDestination Port
        44192.168.2.44979313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:37 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:38 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:37 GMT
        Content-Type: text/xml
        Content-Length: 479
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
        ETag: "0x8DC582BB7D702D0"
        x-ms-request-id: 6644a72f-f01e-001f-6d66-435dc8000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094637Z-174f78459685726chC1EWRsnbg00000014d0000000000wer
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:38 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        45192.168.2.44979413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:39 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:39 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:39 GMT
        Content-Type: text/xml
        Content-Length: 425
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
        ETag: "0x8DC582BBA25094F"
        x-ms-request-id: be2d73de-001e-002b-2f62-4399f2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094639Z-174f784596886s2bhC1EWR743w0000001480000000006650
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:39 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


        Session IDSource IPSource PortDestination IPDestination Port
        46192.168.2.44979513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:39 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:39 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:39 GMT
        Content-Type: text/xml
        Content-Length: 475
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
        ETag: "0x8DC582BB2BE84FD"
        x-ms-request-id: 20d43c3b-001e-0049-3b6b-435bd5000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094639Z-174f7845968nxc96hC1EWRspw8000000140g000000003z7u
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:39 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        47192.168.2.44979613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:39 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:39 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:39 GMT
        Content-Type: text/xml
        Content-Length: 448
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
        ETag: "0x8DC582BB389F49B"
        x-ms-request-id: 07e13988-c01e-0049-0444-44ac27000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094639Z-174f784596886s2bhC1EWR743w0000001480000000006653
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:39 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


        Session IDSource IPSource PortDestination IPDestination Port
        48192.168.2.44979713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:39 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:40 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:40 GMT
        Content-Type: text/xml
        Content-Length: 491
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
        ETag: "0x8DC582B98B88612"
        x-ms-request-id: 7e25aef7-c01e-0049-6a05-41ac27000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094640Z-174f7845968frfdmhC1EWRxxbw00000014b00000000031te
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:40 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        49192.168.2.44979813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:39 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:40 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:40 GMT
        Content-Type: text/xml
        Content-Length: 416
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
        ETag: "0x8DC582BAEA4B445"
        x-ms-request-id: 6da3e3c6-601e-0084-52b4-426b3f000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094640Z-174f7845968frfdmhC1EWRxxbw00000014ag000000003drd
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:40 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


        Session IDSource IPSource PortDestination IPDestination Port
        50192.168.2.44979913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:41 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:41 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:41 GMT
        Content-Type: text/xml
        Content-Length: 479
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
        ETag: "0x8DC582B989EE75B"
        x-ms-request-id: 0fbdb1d5-101e-0079-0270-435913000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094641Z-174f784596886s2bhC1EWR743w000000148g000000005fc8
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:41 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        51192.168.2.44980013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:41 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:41 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:41 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
        ETag: "0x8DC582BA80D96A1"
        x-ms-request-id: ab991284-101e-005a-2ab3-42882b000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094641Z-174f784596886s2bhC1EWR743w00000014c0000000001mbf
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:41 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        52192.168.2.44980113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:41 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:41 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:41 GMT
        Content-Type: text/xml
        Content-Length: 471
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
        ETag: "0x8DC582B97E6FCDD"
        x-ms-request-id: 384f76bb-601e-003e-05a2-423248000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094641Z-174f78459684db9fhC1EWRc7g40000000460000000008cyd
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:41 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        53192.168.2.44980213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:42 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:42 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:42 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
        ETag: "0x8DC582B9C710B28"
        x-ms-request-id: 9318b81d-501e-0035-5bd6-43c923000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094642Z-174f7845968nxc96hC1EWRspw800000013xg0000000079rx
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:42 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        54192.168.2.44980313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:42 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:42 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:42 GMT
        Content-Type: text/xml
        Content-Length: 477
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
        ETag: "0x8DC582BA54DCC28"
        x-ms-request-id: 3f63c6b9-401e-0064-499d-4354af000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094642Z-174f7845968ljs8phC1EWRe6en000000142g000000005vav
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:42 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        55192.168.2.44980413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:43 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-12-02 09:46:44 UTC470INHTTP/1.1 200 OK
        Date: Mon, 02 Dec 2024 09:46:43 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
        ETag: "0x8DC582BB7F164C3"
        x-ms-request-id: 2fc5819c-d01e-002b-4a95-4325fb000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241202T094643Z-174f7845968qj8jrhC1EWRh41s0000001440000000007vn7
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-12-02 09:46:44 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        56192.168.2.44980513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:43 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net


        Session IDSource IPSource PortDestination IPDestination Port
        57192.168.2.44980613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-12-02 09:46:43 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net


        Statistics

        CPU Usage

        Click to jump to process

        Memory Usage

        Click to jump to process

        Behavior

        Click to jump to process

        System Behavior

        General

        Target ID:0
        Start time:04:45:14
        Start date:02/12/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:2
        Start time:04:45:17
        Start date:02/12/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1984,i,1036302302117657355,12748891474908838162,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:3
        Start time:04:45:23
        Start date:02/12/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://papyrefb2tdk6czd.onion.ly"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true

        Disassembly

        No disassembly