Edit tour

Windows Analysis Report
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf

Overview

General Information

Sample URL:	https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf
Analysis ID:	1532596
Infos:

Errors URL not reachable

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 1640 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1912,i,17811236556600939790,4215623662459134640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5900 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.8:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:49733 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.8:49709 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2vU4sGatVb97TPY&MD=XmGu58xX HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2vU4sGatVb97TPY&MD=XmGu58xX HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: static2.sharepointonline.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.8:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.8:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:49733 version: TLS 1.2

Source: classification engine

Classification label: unknown1.win@17/11@4/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1912,i,17811236556600939790,4215623662459134640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1912,i,17811236556600939790,4215623662459134640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf	0%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	0%	Virustotal	Browse
s-part-0017.t-0009.t-msedge.net	0%	Virustotal	Browse
static2.sharepointonline.com	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.185.196	true	false	0%, Virustotal, Browse	unknown
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	84.201.210.38	true	false	0%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown
static2.sharepointonline.com	unknown	unknown	false	0%, Virustotal, Browse	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.185.196	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.8
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1532596
Start date and time:	2024-10-13 18:07:48 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 21s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	UNKNOWN
Classification:	unknown1.win@17/11@4/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Errors

URL not reachable

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.46, 66.102.1.84, 142.250.185.131, 34.104.35.123, 104.102.54.247, 84.201.210.38, 192.229.221.95, 20.3.187.198, 52.165.164.15, 142.250.186.163
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, e13287.dscg.akamaiedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, static2.sharepointonline.com.edgekey.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, update.googleapis.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com, wu-b-net.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 13 15:08:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9822804354892334
Encrypted:	false
SSDEEP:	48:89C0dTsT0w/WHdidAKZdA1oehwiZUklqehqy+3:84as//9py
MD5:	44F5226F704DAA1B196528AFC15C018A
SHA1:	99E1E69C3F040D8062695102BC56E5CE13DF6E91
SHA-256:	23016065528E9ABBCE7E8C3C0A54377F917C3821AAC00B0CC5FA11728BFE4677
SHA-512:	96D6FA4CBEC3502B46148D9D93777FA4F58AE1CC87ABA04DD48A6F3A8E93857C97A06A0D208F0907A4BE494A071F38DA1AE0E8583AAE95A6B7FF8515B0F0C11C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......)6....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMY ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 13 15:08:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9979545032784176
Encrypted:	false
SSDEEP:	48:8AC0dTsT0w/WHdidAKZdA1leh/iZUkAQkqehZy+2:8ras//X9QQy
MD5:	B8F0186D7F2825ABBE1457F993700D87
SHA1:	26F93A7F35F1B39306F7CE700A0366AA959E3081
SHA-256:	2CB933E6EBE8DF4F540FEF26880F0FE701F6D90224180E2DAE6E6C56B7F5D20F
SHA-512:	90736472743E3ED746D3EE30F0F85CFD63F64E44A2D7FA7AA6F0E3967D956FFBF30F4036112D824B5005ED7861E1C617BD7D3F120F954789666ACA72D74AC405
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....K..6....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMY ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.010301957239308
Encrypted:	false
SSDEEP:	48:86C0dTsT0wbHdidAKZdA14t5eh7sFiZUkmgqeh7sny+BX:8Fas/An1y
MD5:	0AD44B0C5BF1DAF9AD2F9722EDD604AE
SHA1:	AB4FDB5D22FD0D73F7537020850913B68AA634B9
SHA-256:	AF7CDFDD1626A1EB2A54F397D7F4498A38BC71B9ABD0E9B626E116394D10C778
SHA-512:	5BFAE77BB06361227C1F3EC3E2C8C2751FAC3188C8C1F6E6E5E0F0143F97DA59096ECD1A224236723272067D4765D757131D26E8FBC45A5D7972F944914E137D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....C..b...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VEW.@...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 13 15:08:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9955796065203377
Encrypted:	false
SSDEEP:	48:8QC0dTsT0w/WHdidAKZdA16ehDiZUkwqehNy+R:8bas//k/y
MD5:	75431912963FAD6F7CAA5B9676A414D8
SHA1:	3765999DD35656766BA30BE15B368449BF6413F4
SHA-256:	F8F4D960214D5075B1CE70E483EC05BBF198472E5151B66847A4314E3EEE4572
SHA-512:	E7E07033E85D74D21EE25A788662BC87B8D7E7A377CD2E9EA8951853B0F3E79D62DF52CB5ED7D8968EEF3C0072A091C67EB6F207EEC8F3552C19BD9B76137B07
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....W..6....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMY ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 13 15:08:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2681
Entropy (8bit):	3.9833922291603012
Encrypted:	false
SSDEEP:	48:8gC0dTsT0w/WHdidAKZdA1UehBiZUk1W1qehDy+C:8Las//k9jy
MD5:	8D0BB6BA2AFC723DB313011BC5C36BF6
SHA1:	CE977B2EB48888BA452A9486500EF705DEE9712F
SHA-256:	C84604A5F3310A16B5CE74FA027A8381947AD4E9A06434AE33773B0FBD8FC8F5
SHA-512:	1AFD2DD5BEE12E836B8F766FB3EF9F5EF926DAA188A86ED6182478C03C2134AF7115C4AFAFC0CA4287BFC29528440F0C1B8EF0AC6187A778059DAC933840BB68
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....p1#6....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMY ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 13 15:08:58 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2683
Entropy (8bit):	3.996247559544309
Encrypted:	false
SSDEEP:	48:8MC0dTsT0w/WHdidAKZdA1duTrehOuTbbiZUk5OjqehOuTb1y+yT+:8/as//RTYTbxWOvTb1y7T
MD5:	7912FEBCE4A6D107E4637765CFCC881E
SHA1:	51193BBB107F43B2FC1AD988E1665385608DBEC5
SHA-256:	247A648D80FBD4471F31F2A0C773FBD766512DF28F4C0FE38E609E8C49FE770C
SHA-512:	DF6B4C6B4D217791B004348374475921A46F8CA1B24813F84FCCACBB526460950E2EAB010FAFBB40E4D6D4B9DB05720DAFB1266A9CB08F0C9F35A18DF251A11E
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......6....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW)C..PROGRA~1..t......O.IMY......B...............J.....V...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VMY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VMY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VMY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VMY ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............K]......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\Downloads\b2082218-ebe9-4ea0-a51e-be0a32003707.tmp

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 15 tables, 1st "OS/2"
Category:	dropped
Size (bytes):	15630
Entropy (8bit):	6.633393154669068
Encrypted:	false
SSDEEP:	384:gZsHMIx0SwxjmaB1J/SlPxq3FMPeYh1h8naM5Bl3mtT90Qn:DsIx0lJ7wxq3F2RTSFLBmtTTn
MD5:	9379E6ACB13A731DD743B820F24E54E3
SHA1:	81FCDE1AC0E544574974C1B2148E24A0C7CD664A
SHA-256:	9B981FA51846F7E345B0E69B11B6BBFA0C779DAA6D7BE3BE38DA852482E5B7C8
SHA-512:	B38E6DC1C534289C85C061711C1E5E47D55E4CBCC348D2A5859B9EC9AAA25972854A68C51D3D86C4342028981D5FA1A64E6F0596492A6DE79A79B4466B046E48
Malicious:	false
Reputation:	low
Preview:	...........pOS/2Iy.%.......`cmapj$....\... cvt /.+}...\|...Lfpgm".[.........gasp.<..........glyf..^%....... head..v........6hhea.<.....D...$hmtx..x....h....kern.0.u...0....loca.R..........maxp........... name DEf........post.Q.w...... prepbMkt.......i...8.........3.......3.....f.................#...B........MS .........Q...... .............. .....................r.@...2...~.......1.:.B.D.M.S.a.k.x.{.~...;.........'.......?.. . . . . " & 0 : D .!"!&"."."."."."."."+"H"`"e%.%....?......... .......1.:.B.D.M.R.`.k.x.{.}...;.........'.......?.. . . . . & 0 9 D .!"!&"."."."."."."."+"H"`"d%.%....>.........................^.....C...g...............;.........................x...k.y..........u.q.`.0.1.V.......+.......n.................................................................................F...F...............:......................................................... .....................b.c...d...e...............f.........g...........h.......j.i.k.m.l.n...o.q.p.r.s.u.t.v.w...x.z.y

C:\Users\user\Downloads\segoeui-light.ttf (copy)

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 15 tables, 1st "OS/2", 10 names, Microsoft, language 0x409, \251 2015 Microsoft Corporation. All Rights Reserved.Segoe UI LightRegularVersion 5.31SegoeUI-Li
Category:	dropped
Size (bytes):	52780
Entropy (8bit):	6.6328870371905175
Encrypted:	false
SSDEEP:	1536:tqs6B4/nborUuR7R6o5cnza0m2JiI2fexMmlt:85B4/nUrUHoW0vfyD
MD5:	A1D91D920B9CD1897E0695B185C70A94
SHA1:	F5B2E785D112859B12EF116BFC5ABCF008C9024A
SHA-256:	739E4FA2CB721EB70F4A7A4EA22FB92E780ECD1EB1D1118C1BA5665BCEB67390
SHA-512:	83A3C911D01A004899E889BD4353C5D5E851A8F11467F0F1813958896973F3A53D77F7B99D7F34328F4665F019D8BC69FCF4D5A808425F6F901D1B113B562098
Malicious:	false
Reputation:	low
Preview:	...........pOS/2Iy.%.......`cmapj$....\... cvt /.+}...\|...Lfpgm".[.........gasp.<..........glyf..^%....... head..v........6hhea.<.....D...$hmtx..x....h....kern.0.u...0....loca.R..........maxp........... name DEf........post.Q.w...... prepbMkt.......i...8.........3.......3.....f.................#...B........MS .........Q...... .............. .....................r.@...2...~.......1.:.B.D.M.S.a.k.x.{.~...;.........'.......?.. . . . . " & 0 : D .!"!&"."."."."."."."+"H"`"e%.%....?......... .......1.:.B.D.M.R.`.k.x.{.}...;.........'.......?.. . . . . & 0 9 D .!"!&"."."."."."."."+"H"`"d%.%....>.........................^.....C...g...............;.........................x...k.y..........u.q.`.0.1.V.......+.......n.................................................................................F...F...............:......................................................... .....................b.c...d...e...............f.........g...........h.......j.i.k.m.l.n...o.q.p.r.s.u.t.v.w...x.z.y

C:\Users\user\Downloads\segoeui-light.ttf.crdownload

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 15 tables, 1st "OS/2", 10 names, Microsoft, language 0x409, \251 2015 Microsoft Corporation. All Rights Reserved.Segoe UI LightRegularVersion 5.31SegoeUI-Li
Category:	dropped
Size (bytes):	52780
Entropy (8bit):	6.6328870371905175
Encrypted:	false
SSDEEP:	1536:tqs6B4/nborUuR7R6o5cnza0m2JiI2fexMmlt:85B4/nUrUHoW0vfyD
MD5:	A1D91D920B9CD1897E0695B185C70A94
SHA1:	F5B2E785D112859B12EF116BFC5ABCF008C9024A
SHA-256:	739E4FA2CB721EB70F4A7A4EA22FB92E780ECD1EB1D1118C1BA5665BCEB67390
SHA-512:	83A3C911D01A004899E889BD4353C5D5E851A8F11467F0F1813958896973F3A53D77F7B99D7F34328F4665F019D8BC69FCF4D5A808425F6F901D1B113B562098
Malicious:	false
Reputation:	low
Preview:	...........pOS/2Iy.%.......`cmapj$....\... cvt /.+}...\|...Lfpgm".[.........gasp.<..........glyf..^%....... head..v........6hhea.<.....D...$hmtx..x....h....kern.0.u...0....loca.R..........maxp........... name DEf........post.Q.w...... prepbMkt.......i...8.........3.......3.....f.................#...B........MS .........Q...... .............. .....................r.@...2...~.......1.:.B.D.M.S.a.k.x.{.~...;.........'.......?.. . . . . " & 0 : D .!"!&"."."."."."."."+"H"`"e%.%....?......... .......1.:.B.D.M.R.`.k.x.{.}...;.........'.......?.. . . . . & 0 9 D .!"!&"."."."."."."."+"H"`"d%.%....>.........................^.....C...g...............;.........................x...k.y..........u.q.`.0.1.V.......+.......n.................................................................................F...F...............:......................................................... .....................b.c...d...e...............f.........g...........h.......j.i.k.m.l.n...o.q.p.r.s.u.t.v.w...x.z.y

Chrome Cache Entry: 66

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 15 tables, 1st "OS/2", 10 names, Microsoft, language 0x409, \251 2015 Microsoft Corporation. All Rights Reserved.Segoe UI LightRegularVersion 5.31SegoeUI-Li
Category:	downloaded
Size (bytes):	52780
Entropy (8bit):	6.6328870371905175
Encrypted:	false
SSDEEP:	1536:tqs6B4/nborUuR7R6o5cnza0m2JiI2fexMmlt:85B4/nUrUHoW0vfyD
MD5:	A1D91D920B9CD1897E0695B185C70A94
SHA1:	F5B2E785D112859B12EF116BFC5ABCF008C9024A
SHA-256:	739E4FA2CB721EB70F4A7A4EA22FB92E780ECD1EB1D1118C1BA5665BCEB67390
SHA-512:	83A3C911D01A004899E889BD4353C5D5E851A8F11467F0F1813958896973F3A53D77F7B99D7F34328F4665F019D8BC69FCF4D5A808425F6F901D1B113B562098
Malicious:	false
Reputation:	low
URL:	https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf
Preview:	...........pOS/2Iy.%.......`cmapj$....\... cvt /.+}...\|...Lfpgm".[.........gasp.<..........glyf..^%....... head..v........6hhea.<.....D...$hmtx..x....h....kern.0.u...0....loca.R..........maxp........... name DEf........post.Q.w...... prepbMkt.......i...8.........3.......3.....f.................#...B........MS .........Q...... .............. .....................r.@...2...~.......1.:.B.D.M.S.a.k.x.{.~...;.........'.......?.. . . . . " & 0 : D .!"!&"."."."."."."."+"H"`"e%.%....?......... .......1.:.B.D.M.R.`.k.x.{.}...;.........'.......?.. . . . . & 0 9 D .!"!&"."."."."."."."+"H"`"d%.%....>.........................^.....C...g...............;.........................x...k.y..........u.q.`.0.1.V.......+.......n.................................................................................F...F...............:......................................................... .....................b.c...d...e...............f.........g...........h.......j.i.k.m.l.n...o.q.p.r.s.u.t.v.w...x.z.y

Static File Info

⊘No static file info

File Icon


Icon Hash:	00b29a8e86828200

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 13, 2024 18:08:50.087676048 CEST	49673	443	192.168.2.8	23.206.229.226
Oct 13, 2024 18:08:50.462651014 CEST	49672	443	192.168.2.8	23.206.229.226
Oct 13, 2024 18:08:51.572088957 CEST	49676	443	192.168.2.8	52.182.143.211
Oct 13, 2024 18:08:54.197062016 CEST	49677	80	192.168.2.8	192.229.211.108
Oct 13, 2024 18:08:57.428248882 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:57.433089018 CEST	53	49709	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.433146954 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:57.433226109 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:57.433243036 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:57.433527946 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:57.437956095 CEST	53	49709	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.437975883 CEST	53	49709	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.478954077 CEST	53	49709	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.799222946 CEST	53	49709	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.799292088 CEST	49709	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:59.693708897 CEST	49673	443	192.168.2.8	23.206.229.226
Oct 13, 2024 18:09:00.065180063 CEST	49672	443	192.168.2.8	23.206.229.226
Oct 13, 2024 18:09:01.607929945 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:01.607992887 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:01.608091116 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:01.608349085 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:01.608365059 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:01.789324999 CEST	443	49708	23.206.229.226	192.168.2.8
Oct 13, 2024 18:09:01.789691925 CEST	49708	443	192.168.2.8	23.206.229.226
Oct 13, 2024 18:09:02.144501925 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.144526958 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:02.144607067 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.153484106 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.153501987 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:02.271023035 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:02.271333933 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:02.271343946 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:02.272418976 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:02.272561073 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:02.274070978 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:02.274128914 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:02.314227104 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:02.314241886 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:02.361176014 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:02.893425941 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:02.897136927 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.897648096 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.897655964 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:02.898061037 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:02.938627005 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:02.969429016 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.011445999 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.221633911 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.221725941 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.221971989 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.222001076 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.222028971 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.222028971 CEST	49721	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.222035885 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.222038984 CEST	443	49721	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.269715071 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.269756079 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.269846916 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.270505905 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.270522118 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.973361969 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.973464012 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.974908113 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:03.974916935 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.975351095 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:03.976573944 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:04.019419909 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:04.310261011 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:04.310334921 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:04.310391903 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:04.311471939 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:04.311471939 CEST	49722	443	192.168.2.8	184.28.90.27
Oct 13, 2024 18:09:04.311492920 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:04.311503887 CEST	443	49722	184.28.90.27	192.168.2.8
Oct 13, 2024 18:09:10.138376951 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:10.138420105 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:10.138526917 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:10.139899969 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:10.139911890 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:10.949350119 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:10.949461937 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:11.224103928 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:11.224122047 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:11.224442005 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:11.267164946 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.176132917 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:12.176202059 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:12.176309109 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:12.258865118 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.299415112 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519707918 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519733906 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519742966 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519752979 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519798040 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519823074 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.519834042 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.519850969 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.519911051 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.520122051 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.520181894 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:12.520188093 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.520313978 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:12.520431995 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:13.194196939 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:13.194196939 CEST	49723	443	192.168.2.8	4.175.87.197
Oct 13, 2024 18:09:13.194226027 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:13.194241047 CEST	443	49723	4.175.87.197	192.168.2.8
Oct 13, 2024 18:09:13.677201986 CEST	49719	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:09:13.677243948 CEST	443	49719	142.250.185.196	192.168.2.8
Oct 13, 2024 18:09:49.628180027 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:49.628238916 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:49.628308058 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:49.628730059 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:49.628746033 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.228676081 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.228784084 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.232702017 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.232717991 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.233050108 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.248734951 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.295406103 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.445972919 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446000099 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446018934 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446074009 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.446110010 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446167946 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.446404934 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446451902 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446475983 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.446482897 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.446500063 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.447242975 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.447298050 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.450392008 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.450411081 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:09:50.450417995 CEST	49730	443	192.168.2.8	20.12.23.50
Oct 13, 2024 18:09:50.450423956 CEST	443	49730	20.12.23.50	192.168.2.8
Oct 13, 2024 18:10:01.647969961 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:01.648009062 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:01.648324966 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:01.648422003 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:01.648430109 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:02.297321081 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:02.297666073 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:02.297683001 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:02.298757076 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:02.299372911 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:02.299599886 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:02.346060038 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:06.240426064 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:06.240492105 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:06.240565062 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:06.240920067 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:06.240937948 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.241847038 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.241941929 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.243877888 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.243901968 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.244143009 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.252588034 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.299407005 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.354124069 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.354152918 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.354196072 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.354224920 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.354249001 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.354276896 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.354312897 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.444011927 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.444035053 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.444108009 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.444133997 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.444317102 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.445655107 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.445682049 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.445719957 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.445729971 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.445759058 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.445779085 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.534260988 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.534280062 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.534347057 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.534370899 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.534501076 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.535453081 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.535469055 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.535511017 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.535521030 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.535553932 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.535562992 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.536569118 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.536585093 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.536659956 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.536669970 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.536725044 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.538314104 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.538328886 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.538389921 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.538399935 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.538484097 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.624916077 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.624937057 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.624989986 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.625010967 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.625029087 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.625055075 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.625685930 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.625704050 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.625762939 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.625771999 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.625825882 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.626622915 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.626640081 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.626692057 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.626698971 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.626725912 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.626744032 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.627567053 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.627583027 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.627635956 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.627645016 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.627737999 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.627995014 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.628012896 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.628051996 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.628060102 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.628088951 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.628101110 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.628923893 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.628937960 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.628988028 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.628995895 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.629112959 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.629630089 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.629694939 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.629702091 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.629714012 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.629760027 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.629793882 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.629793882 CEST	49733	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.629810095 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.629817009 CEST	443	49733	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.679297924 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.679339886 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.679584980 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.680414915 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.680452108 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.680543900 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.682473898 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.682502031 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.682748079 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683036089 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683072090 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.683134079 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683557987 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683571100 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.683654070 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683666945 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.683902025 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683919907 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.683922052 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.683933973 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.685250998 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.685261965 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:07.685328007 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.685697079 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:07.685703039 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.332817078 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.333542109 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.333563089 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.333861113 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.334076881 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.334081888 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.334224939 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.334235907 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.334708929 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.334713936 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.344819069 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.345391989 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.345412016 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.346406937 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.346412897 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.359100103 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.359728098 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.359772921 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.360279083 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.360291958 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.375365973 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.375849962 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.375876904 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.376324892 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.376334906 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436444998 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436472893 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436527014 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436537981 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436549902 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.436558008 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436595917 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.436633110 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.436633110 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.436655045 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.437041044 CEST	49735	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.437067032 CEST	443	49735	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.438738108 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.438767910 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.438777924 CEST	49736	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.438783884 CEST	443	49736	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.446577072 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.446620941 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.446733952 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.446770906 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.446819067 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.446842909 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.446856976 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.446897984 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447014093 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447074890 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.447128057 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447277069 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447289944 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.447532892 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447551966 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.447566032 CEST	49737	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.447571993 CEST	443	49737	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.449639082 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.449676037 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.449755907 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.449775934 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.449784994 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.449899912 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.449913025 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.465012074 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.465074062 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.465138912 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.465379953 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.465399027 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.465409040 CEST	49734	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.465415001 CEST	443	49734	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.468626022 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.468657970 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.468729973 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.468868017 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.468878031 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.483238935 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.483289957 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.483500957 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.483568907 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.483568907 CEST	49738	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.483587980 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.483601093 CEST	443	49738	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.486228943 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.486272097 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:08.486366987 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.486479998 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:08.486505032 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.112778902 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.114978075 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.115016937 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.115544081 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.115550041 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.135690928 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.136223078 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.136245966 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.136885881 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.136893988 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.143975019 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.148772955 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.154167891 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.154182911 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.154866934 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.154876947 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.155461073 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.155495882 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.155846119 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.155853033 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.158673048 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.159338951 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.159365892 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.160037041 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.160043001 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.215493917 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.215563059 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.215625048 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.215893030 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.215913057 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.215923071 CEST	49740	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.215929985 CEST	443	49740	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.219196081 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.219244003 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.219326019 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.219537973 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.219552994 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.242196083 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.242257118 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.242325068 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.242541075 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.242563009 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.242636919 CEST	49739	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.242644072 CEST	443	49739	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.245883942 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.245928049 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.246011972 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.246217966 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.246232986 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.255795002 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.255847931 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.255929947 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.256038904 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.256098032 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.256108046 CEST	49743	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.256122112 CEST	443	49743	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.256169081 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.256320953 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.256345034 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.256350994 CEST	49742	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.256356955 CEST	443	49742	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.259413004 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259432077 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.259440899 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259470940 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.259527922 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259552956 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259725094 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259726048 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.259736061 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.259740114 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.261327028 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.261383057 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.261528969 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.261558056 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.261564016 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.261574984 CEST	49741	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.261579037 CEST	443	49741	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.263514996 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.263562918 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:09.263844967 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.263844967 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:09.263878107 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.885941982 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.887128115 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.887162924 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.887634993 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.887640953 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.889504910 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.889951944 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.889976978 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.890350103 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.890366077 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.896150112 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.896560907 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.896589994 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.896951914 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.896958113 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.903815985 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.904196024 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.904228926 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.904572010 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.904580116 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.907708883 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.908293962 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.908307076 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.908690929 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.908699036 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.987838984 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.987912893 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.988112926 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.988285065 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.988285065 CEST	49744	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.988305092 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.988312960 CEST	443	49744	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.991755962 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.991801977 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.991930008 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.992156982 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.992175102 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.999485016 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.999552965 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.999711037 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.999741077 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.999748945 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:10.999764919 CEST	49747	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:10.999771118 CEST	443	49747	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.002513885 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.002546072 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.002681971 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.002882004 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.002895117 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.014858007 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.014923096 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.014991045 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.015183926 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.015203953 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.015218973 CEST	49748	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.015225887 CEST	443	49748	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.016163111 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.016316891 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.016495943 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.016593933 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.016649008 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.016748905 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.017039061 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.017039061 CEST	49746	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.017061949 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.017074108 CEST	443	49746	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.017146111 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.017146111 CEST	49745	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.017153025 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.017163038 CEST	443	49745	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.019056082 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.019093037 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.019181013 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.019315004 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.019330978 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.234169960 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.234222889 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.234297991 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.239051104 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.239113092 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.239195108 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.243660927 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.243700027 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.244347095 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.244370937 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.652786016 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.667673111 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.670296907 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.670310974 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.675271034 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.675277948 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.682082891 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.682126999 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.687721014 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.687731028 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.690639019 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.691334009 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.691348076 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.692230940 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.692238092 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.772300005 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.772377014 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.772636890 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.774163008 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.774163008 CEST	49749	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.774188042 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.774197102 CEST	443	49749	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.778294086 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.778342962 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.778613091 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.778954029 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.778970003 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.788707972 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.788784027 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.788876057 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.789203882 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.789221048 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.789232969 CEST	49751	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.789239883 CEST	443	49751	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.793545961 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.793586969 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.793720007 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.794068098 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.794087887 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.797862053 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.797923088 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.797992945 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.798612118 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.798612118 CEST	49750	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.798629999 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.798640013 CEST	443	49750	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.802108049 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.802149057 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.802238941 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.802865028 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.802876949 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.922049046 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.923132896 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.923149109 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.923799992 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.923804998 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.931544065 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.931997061 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.932018042 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:11.932733059 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:11.932738066 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.028316021 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.028374910 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.028489113 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.029045105 CEST	49752	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.029063940 CEST	443	49752	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.034172058 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.034213066 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.034347057 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.034542084 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.034568071 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.038774014 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.038819075 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.039011002 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.039124012 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.039144039 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.039150953 CEST	49753	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.039156914 CEST	443	49753	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.041521072 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.041539907 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.041665077 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.041836977 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.041862011 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.195131063 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:12.195199013 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:12.195250034 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:12.436599970 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.437688112 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.437716007 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.439004898 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.439018011 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.442867041 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.443552017 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.443564892 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.444335938 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.444339991 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.492521048 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.493084908 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.493112087 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.493495941 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.493501902 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.537275076 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.537334919 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.537383080 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.540647984 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.540678978 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.540693045 CEST	49754	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.540703058 CEST	443	49754	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.544759989 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.544831038 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.544877052 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.546075106 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.546113014 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.546171904 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.546390057 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.546411037 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.546422005 CEST	49755	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.546435118 CEST	443	49755	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.549012899 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.549034119 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.551163912 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.551178932 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.551253080 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.551429987 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.551438093 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.599102020 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.599164963 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.599435091 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.600531101 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.600555897 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.600569010 CEST	49756	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.600574970 CEST	443	49756	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.603641033 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.603693962 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.603843927 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.604093075 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.604113102 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.690159082 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.690726995 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.690742016 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.691183090 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.691200972 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.692600965 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.693006039 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.693013906 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.693516970 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.693521976 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.795152903 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.795206070 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.795264959 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.795551062 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.795572042 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.795583010 CEST	49757	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.795592070 CEST	443	49757	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.796210051 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.796268940 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.796304941 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.796596050 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.796601057 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.796616077 CEST	49758	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.796621084 CEST	443	49758	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.799230099 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799263000 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.799339056 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799403906 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799458027 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.799556017 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799568892 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:12.799595118 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799679041 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:12.799694061 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.200985909 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.202984095 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.202984095 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.203023911 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.203031063 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.237380981 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.238498926 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.238498926 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.238540888 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.238543987 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.265060902 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.266405106 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.266424894 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.266670942 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.266676903 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.302083969 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.302124023 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.302644014 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.303050995 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.303050995 CEST	49760	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.303070068 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.303081036 CEST	443	49760	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.306659937 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.306694031 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.306932926 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.311068058 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.311083078 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.344444036 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.344511986 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.344577074 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.345154047 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.345165014 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.345226049 CEST	49759	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.345232010 CEST	443	49759	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.350172997 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.350236893 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.350328922 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.350780964 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.350805998 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.367777109 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.367840052 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.369427919 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.369869947 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.369869947 CEST	49761	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.369888067 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.369896889 CEST	443	49761	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.376562119 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.376615047 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.377073050 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.377305984 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.377330065 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.452534914 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.453993082 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.453993082 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.454049110 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.454077959 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.473732948 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.474457026 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.474467993 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.475187063 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.475197077 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.554563999 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.554630995 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.554966927 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.555125952 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.555125952 CEST	49763	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.555136919 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.555150032 CEST	443	49763	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.558551073 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.558589935 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.559063911 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.559462070 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.559474945 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.579155922 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.579221010 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.580383062 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.580383062 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.580498934 CEST	49762	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.580534935 CEST	443	49762	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.588175058 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.588228941 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.589948893 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.591073990 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.591095924 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.679661036 CEST	49732	443	192.168.2.8	142.250.185.196
Oct 13, 2024 18:10:13.679702997 CEST	443	49732	142.250.185.196	192.168.2.8
Oct 13, 2024 18:10:13.973870039 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.975059032 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.975075006 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:13.976027012 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:13.976031065 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.028827906 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.029772997 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.029772997 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.029812098 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.029825926 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.051285982 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.051760912 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.051791906 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.052252054 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.052258968 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.077176094 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.077241898 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.077347994 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.077629089 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.077645063 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.077677011 CEST	49764	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.077682972 CEST	443	49764	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.080770969 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.080805063 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.080929041 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.081212997 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.081227064 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.334598064 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.334662914 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.334728956 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335063934 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335079908 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.335095882 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.335108995 CEST	49765	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335118055 CEST	443	49765	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.335134983 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.335216999 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335427046 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335433006 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.335455894 CEST	49766	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.335459948 CEST	443	49766	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.338084936 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.338253021 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.338860035 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.338907957 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.338964939 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.338964939 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.338999987 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.339081049 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.339324951 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.339339018 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.339447975 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.339461088 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.339891911 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.339901924 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.340065002 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.340086937 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.340117931 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.340123892 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.340313911 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.340331078 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.440752029 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.440814018 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.440896988 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.441366911 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.441382885 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.441392899 CEST	49767	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.441400051 CEST	443	49767	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.441900969 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.441976070 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.442018986 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.443679094 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.443701029 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.443716049 CEST	49768	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.443722010 CEST	443	49768	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.448468924 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.448504925 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.448570967 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.450133085 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.450165033 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.450299025 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.450345993 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.450364113 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.450490952 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.450504065 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.732724905 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.733428955 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.733443975 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.734333992 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.734338999 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.841857910 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.841921091 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.841981888 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.842616081 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.842616081 CEST	49769	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.842632055 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.842638969 CEST	443	49769	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.846335888 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.846379042 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.846470118 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.846746922 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.846760035 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.986686945 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.992861032 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.992873907 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:14.993655920 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:14.993660927 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.000963926 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.002788067 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.002815008 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.003488064 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.003493071 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.100944996 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.101031065 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.101114035 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.101660013 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.101677895 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.101689100 CEST	49770	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.101695061 CEST	443	49770	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.106828928 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.106898069 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.106945038 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.107986927 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.108027935 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.108097076 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.109075069 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.109093904 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.109102964 CEST	49771	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.109108925 CEST	443	49771	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.113451958 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.113487959 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.113558054 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.114264965 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.114286900 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.114785910 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.114800930 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.116785049 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.117202044 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.117214918 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.117641926 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.117649078 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.158588886 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.159259081 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.159281015 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.160187960 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.160193920 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.219055891 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.219122887 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.219213963 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.219597101 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.219614983 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.219625950 CEST	49773	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.219630957 CEST	443	49773	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.225245953 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.225281954 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.225589037 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.226010084 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.226022959 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.267905951 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.267973900 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.268074989 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.268537998 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.268558025 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.268568039 CEST	49772	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.268573999 CEST	443	49772	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.275186062 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.275209904 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.275469065 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.275763988 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.275775909 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.533015013 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.533653975 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.533670902 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.534158945 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.534163952 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.636343002 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.636439085 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.636497974 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.636760950 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.636781931 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.636794090 CEST	49774	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.636799097 CEST	443	49774	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.640053988 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.640115023 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.640207052 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.640356064 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.640373945 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.777005911 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.777590036 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.777618885 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.778139114 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.778145075 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.792119026 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.792690992 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.792715073 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.793050051 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.793055058 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.875065088 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.875682116 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.875696898 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.876197100 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.876203060 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.878988981 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.879062891 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.879210949 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.879264116 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.879281044 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.879290104 CEST	49775	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.879296064 CEST	443	49775	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.883516073 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.883548975 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.883754969 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.884205103 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.884227991 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.896951914 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.897011995 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.897123098 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.897955894 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.897969961 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.897980928 CEST	49776	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.897985935 CEST	443	49776	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.903551102 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.903590918 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.903671980 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.904141903 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.904159069 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.932214975 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.932722092 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.932746887 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.933633089 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.933641911 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.978770971 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.978828907 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.979036093 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.979238987 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.979239941 CEST	49777	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.979259014 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.979269981 CEST	443	49777	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.983601093 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.983705044 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:15.983802080 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.984064102 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:15.984102964 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.041075945 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.041176081 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.041246891 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.041448116 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.041448116 CEST	49778	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.041470051 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.041480064 CEST	443	49778	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.044696093 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.044729948 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.044965982 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.044965982 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.045005083 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.290462971 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.291129112 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.291156054 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.291650057 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.291656017 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.393280029 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.393345118 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.393416882 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.393680096 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.393698931 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.393709898 CEST	49779	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.393714905 CEST	443	49779	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.397852898 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.397883892 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.398129940 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.398359060 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.398370981 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.566247940 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.566826105 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.566843033 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.567364931 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.567373037 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.572858095 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.573334932 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.573347092 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.573678017 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.573694944 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.643702984 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.644119024 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.644138098 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.644545078 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.644551992 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.670305967 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.670367956 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.670552015 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.670583963 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.670599937 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.670605898 CEST	49781	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.670610905 CEST	443	49781	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.673708916 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.673752069 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.673824072 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.673974037 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.673994064 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.679891109 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.679949999 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.680043936 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.680121899 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.680133104 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.680259943 CEST	49780	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.680268049 CEST	443	49780	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.682369947 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.682403088 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.682466030 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.682607889 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.682634115 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.692353964 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.692715883 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.692723989 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.693273067 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.693294048 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.780494928 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.780555010 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.780654907 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.780874968 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.780874968 CEST	49782	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.780889988 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.780899048 CEST	443	49782	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.784159899 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.784192085 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.784302950 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.784444094 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.784455061 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.792292118 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.792439938 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.792505980 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.792557001 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.792568922 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.792578936 CEST	49783	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.792584896 CEST	443	49783	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.794867039 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.794895887 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:16.794990063 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.795187950 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:16.795200109 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.006288052 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.006882906 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.006901026 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.007457018 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.007462978 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.112252951 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.112323046 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.112495899 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.112632990 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.112647057 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.112654924 CEST	49784	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.112660885 CEST	443	49784	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.115861893 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.115909100 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.116293907 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.116293907 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.116329908 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.358757019 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.359380007 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.359419107 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.359929085 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.359947920 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.363342047 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.363692999 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.363725901 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.364110947 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.364120007 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.456779003 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.457356930 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.457370043 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.457878113 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.457882881 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.460208893 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.460263968 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.460397005 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.460481882 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.460503101 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.460511923 CEST	49786	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.460517883 CEST	443	49786	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.463869095 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.463908911 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.463989973 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.464121103 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.464137077 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.466113091 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.466172934 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.466228008 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.466305971 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.466310024 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.466315985 CEST	49785	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.466319084 CEST	443	49785	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.468425989 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.468461990 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.468597889 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.468682051 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.468694925 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.475183010 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.475519896 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.475543022 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.475910902 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.475917101 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.559503078 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.559564114 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.559655905 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.559842110 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.559860945 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.559866905 CEST	49787	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.559873104 CEST	443	49787	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.562902927 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.562949896 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.563016891 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.563147068 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.563162088 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.577377081 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.577430964 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.577605009 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.577605009 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.577631950 CEST	49788	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.577647924 CEST	443	49788	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.579922915 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.579960108 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.580018997 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.580157995 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.580172062 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.803755999 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.804363012 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.804392099 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.804886103 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.804893017 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.909307957 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.909385920 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.909512997 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.909694910 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.909718037 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.909730911 CEST	49789	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.909739017 CEST	443	49789	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.912826061 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.912867069 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:17.913014889 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.913105011 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:17.913122892 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.121361017 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.121917009 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.121949911 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.122489929 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.122513056 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.130970001 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.131326914 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.131372929 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.131778002 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.131786108 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223140001 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223191023 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223300934 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.223445892 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.223464012 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223515034 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223584890 CEST	49791	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.223593950 CEST	443	49791	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.223917007 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.223941088 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.224313974 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.224320889 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.226851940 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.226885080 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.226990938 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.227140903 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.227154016 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.232908010 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.233063936 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.233119965 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.233181953 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.233201027 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.233211994 CEST	49790	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.233217001 CEST	443	49790	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.235330105 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.235353947 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.235492945 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.235635996 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.235647917 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.237262964 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.237699986 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.237716913 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.237972021 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.237982035 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.327755928 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.327816963 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.327888966 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.328186989 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.328206062 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.328216076 CEST	49792	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.328222036 CEST	443	49792	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.331301928 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.331350088 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.331429005 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.331568956 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.331578970 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.337543964 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.337706089 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.337820053 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.337820053 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.337852001 CEST	49793	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.337865114 CEST	443	49793	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.340240955 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.340250969 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.340317965 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.340434074 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.340445042 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.560276031 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.560945034 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.560971975 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.561479092 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.561485052 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.660459995 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.660535097 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.660686970 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.660840034 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.660856962 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.661047935 CEST	49794	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.661056995 CEST	443	49794	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.664417028 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.664448977 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.664514065 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.664669991 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.664680958 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.881783962 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.882385015 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.882406950 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.882870913 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.882877111 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.906183958 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.906645060 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.906656981 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.907080889 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.907088041 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.982901096 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.982964993 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.983012915 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.983221054 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.983242989 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.983254910 CEST	49795	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.983261108 CEST	443	49795	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.986227989 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.986267090 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:18.986326933 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.986433029 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:18.986443043 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.008634090 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.008694887 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.008737087 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.008862972 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.008879900 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.008893013 CEST	49796	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.008897066 CEST	443	49796	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.011209011 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.011241913 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.011341095 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.011434078 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.011439085 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.028707027 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.029067039 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.029092073 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.029515028 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.029520035 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.033739090 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.034061909 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.034070015 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.034470081 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.034475088 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.136198997 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.136251926 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.136351109 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.136634111 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.136652946 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.136658907 CEST	49797	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.136663914 CEST	443	49797	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.140003920 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.140043974 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.140136003 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.140405893 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.140419960 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.142957926 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.143119097 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.143176079 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.143337965 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.143343925 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.143352985 CEST	49798	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.143357038 CEST	443	49798	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.145548105 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.145584106 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.145628929 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.145821095 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.145838022 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.332986116 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.333456993 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.333477974 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.334048986 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.334062099 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.436809063 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.436891079 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.437094927 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.437194109 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.437194109 CEST	49799	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.437210083 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.437212944 CEST	443	49799	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.440946102 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.440989017 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:19.441056967 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.441215992 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:19.441231966 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.677000046 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.677587032 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.677613020 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.677978992 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.678353071 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.678359032 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.678388119 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.678400040 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.678961992 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.678971052 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.779555082 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.779606104 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.779704094 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.779877901 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.779898882 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.779927969 CEST	49800	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.779933929 CEST	443	49800	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.781039000 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.781100988 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.781438112 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.781438112 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.781438112 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.783683062 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.783721924 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.783751965 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.783760071 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.783854008 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.783854008 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.784010887 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.784023046 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.784097910 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.784106016 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.864746094 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.865947962 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.865947962 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.865969896 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.865978956 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.874644041 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.875720024 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.875751972 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.876024961 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.876029968 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.877892017 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.878521919 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.878546953 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.878822088 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.878828049 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.971093893 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.971164942 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.971323967 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.971625090 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.971646070 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.971662998 CEST	49802	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.971672058 CEST	443	49802	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.974674940 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.974720001 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.974811077 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.975060940 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.975075960 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.993801117 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.993973017 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.994054079 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.994093895 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.994093895 CEST	49803	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.994113922 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.994123936 CEST	443	49803	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.995832920 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.995897055 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.996469021 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.996510983 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.996527910 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.996527910 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.996547937 CEST	49804	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.996556044 CEST	443	49804	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.996598005 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.997355938 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.997370958 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.998965025 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.999010086 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:20.999238014 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.999238014 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:20.999268055 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.083858967 CEST	49801	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.083884001 CEST	443	49801	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.464720011 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.466150045 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.466150045 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.466166973 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.466182947 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.470814943 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.471590042 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.471590042 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.471601009 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.471613884 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.565587044 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.565659046 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.565879107 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.565879107 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.565936089 CEST	49805	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.565953016 CEST	443	49805	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.568886995 CEST	49810	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.568921089 CEST	443	49810	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.569156885 CEST	49810	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.569158077 CEST	49810	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.569188118 CEST	443	49810	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.575308084 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.575378895 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.575660944 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.575710058 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.575711012 CEST	49806	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.575717926 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.575746059 CEST	443	49806	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.577964067 CEST	49811	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.578013897 CEST	443	49811	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.578193903 CEST	49811	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.578193903 CEST	49811	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.578229904 CEST	443	49811	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.671283007 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.672209024 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.672209024 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.672223091 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.672239065 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.677725077 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.678652048 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.678652048 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.678679943 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.678687096 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.681171894 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.681874037 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.681874037 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.681900978 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.681915998 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.772265911 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.772367001 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.772470951 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.772617102 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.772617102 CEST	49808	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.772639036 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.772648096 CEST	443	49808	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.775326014 CEST	49812	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.775362968 CEST	443	49812	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.775531054 CEST	49812	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.775665998 CEST	49812	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.775680065 CEST	443	49812	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.783133984 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.783190966 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.783369064 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.783416033 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.783482075 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.783482075 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.783544064 CEST	49809	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.783560038 CEST	443	49809	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.785700083 CEST	49813	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.785736084 CEST	443	49813	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.785872936 CEST	49813	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.785939932 CEST	49813	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.785949945 CEST	443	49813	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.787007093 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.787069082 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.787221909 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.787221909 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.787303925 CEST	49807	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.787317991 CEST	443	49807	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.789055109 CEST	49814	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.789074898 CEST	443	49814	13.107.246.45	192.168.2.8
Oct 13, 2024 18:10:21.789160967 CEST	49814	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.789290905 CEST	49814	443	192.168.2.8	13.107.246.45
Oct 13, 2024 18:10:21.789304018 CEST	443	49814	13.107.246.45	192.168.2.8

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 13, 2024 18:08:57.411765099 CEST	53	52176	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:57.425532103 CEST	53	59034	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:58.588866949 CEST	53	58497	1.1.1.1	192.168.2.8
Oct 13, 2024 18:08:58.796808004 CEST	49551	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:08:58.797142982 CEST	64561	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:09:01.598299026 CEST	62899	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:09:01.598623991 CEST	60980	53	192.168.2.8	1.1.1.1
Oct 13, 2024 18:09:01.606039047 CEST	53	62899	1.1.1.1	192.168.2.8
Oct 13, 2024 18:09:01.607070923 CEST	53	60980	1.1.1.1	192.168.2.8
Oct 13, 2024 18:09:15.547132969 CEST	53	60841	1.1.1.1	192.168.2.8
Oct 13, 2024 18:09:32.383869886 CEST	138	138	192.168.2.8	192.168.2.255
Oct 13, 2024 18:09:34.854197025 CEST	53	54882	1.1.1.1	192.168.2.8
Oct 13, 2024 18:09:56.968521118 CEST	53	60289	1.1.1.1	192.168.2.8
Oct 13, 2024 18:09:57.479732037 CEST	53	52685	1.1.1.1	192.168.2.8

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 13, 2024 18:08:58.796808004 CEST	192.168.2.8	1.1.1.1	0xb1ef	Standard query (0)	static2.sharepointonline.com	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:08:58.797142982 CEST	192.168.2.8	1.1.1.1	0x5691	Standard query (0)	static2.sharepointonline.com	65	IN (0x0001)	false
Oct 13, 2024 18:09:01.598299026 CEST	192.168.2.8	1.1.1.1	0x58b3	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:01.598623991 CEST	192.168.2.8	1.1.1.1	0xc99c	Standard query (0)	www.google.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 13, 2024 18:08:58.804186106 CEST	1.1.1.1	192.168.2.8	0xb1ef	No error (0)	static2.sharepointonline.com	static2.sharepointonline.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:08:58.805519104 CEST	1.1.1.1	192.168.2.8	0x5691	No error (0)	static2.sharepointonline.com	static2.sharepointonline.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:09:01.606039047 CEST	1.1.1.1	192.168.2.8	0x58b3	No error (0)	www.google.com		142.250.185.196	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:01.607070923 CEST	1.1.1.1	192.168.2.8	0xc99c	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		84.201.210.38	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		84.201.210.18	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		84.201.210.39	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		217.20.57.42	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		84.201.210.34	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		217.20.57.19	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:11.532634974 CEST	1.1.1.1	192.168.2.8	0xb27a	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		84.201.210.36	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:12.288921118 CEST	1.1.1.1	192.168.2.8	0xcf39	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:09:12.288921118 CEST	1.1.1.1	192.168.2.8	0xcf39	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:09:25.495718002 CEST	1.1.1.1	192.168.2.8	0xadcd	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:09:25.495718002 CEST	1.1.1.1	192.168.2.8	0xadcd	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 13, 2024 18:10:06.239645004 CEST	1.1.1.1	192.168.2.8	0x83cc	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	s-part-0017.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2024 18:10:06.239645004 CEST	1.1.1.1	192.168.2.8	0x83cc	No error (0)	s-part-0017.t-0009.t-msedge.net		13.107.246.45	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

fs.microsoft.com

slscr.update.microsoft.com

otelrules.azureedge.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.8	49721	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:09:02 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-13 16:09:03 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF70) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=174992 Date: Sun, 13 Oct 2024 16:09:03 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.8	49722	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:09:03 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-13 16:09:04 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=174932 Date: Sun, 13 Oct 2024 16:09:04 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-13 16:09:04 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.8	49723	4.175.87.197	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:09:12 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2vU4sGatVb97TPY&MD=XmGu58xX HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-13 16:09:12 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 3881db22-f7de-40fc-937d-0b8b52669160 MS-RequestId: 986cebb8-978a-487c-980c-68d6b27981fe MS-CV: ima1YNzAzkK3WBnJ.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sun, 13 Oct 2024 16:09:12 GMT Connection: close Content-Length: 24490
2024-10-13 16:09:12 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-13 16:09:12 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.8	49730	20.12.23.50	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:09:50 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=2vU4sGatVb97TPY&MD=XmGu58xX HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-13 16:09:50 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: a5a74c65-a1ef-43e1-9001-e8da48e3adac MS-RequestId: 8d10055d-1c49-4410-9684-0704e368f43f MS-CV: QIL3rN0qH06OKSqb.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Sun, 13 Oct 2024 16:09:50 GMT Connection: close Content-Length: 30005
2024-10-13 16:09:50 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-13 16:09:50 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port
4	192.168.2.8	49733	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:07 UTC	195	OUT	GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:07 UTC	540	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:07 GMT Content-Type: text/plain Content-Length: 218853 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public Last-Modified: Sat, 12 Oct 2024 04:31:01 GMT ETag: "0x8DCEA76AD821850" x-ms-request-id: 5e3cf53f-d01e-007a-3ba0-1cf38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161007Z-17db6f7c8cfqxt4wrzg7st2fm800000005ag0000000016qh x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:07 UTC	15844	IN	Data Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20 Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
2024-10-13 16:10:07 UTC	16384	IN	Data Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
5	192.168.2.8	49735	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:08 UTC	193	OUT	GET /rules/rule120402v21s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:08 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:08 GMT Content-Type: text/xml Content-Length: 3788 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC2126A6" x-ms-request-id: 971a1148-a01e-000d-48cd-1ad1ea000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161008Z-17db6f7c8cfvzwz27u5rnq9kpc00000005fg000000004775 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:08 UTC	3788	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.8	49736	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:08 UTC	192	OUT	GET /rules/rule120600v4s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:08 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:08 GMT Content-Type: text/xml Content-Length: 2980 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: a7c7bcc3-d01e-005a-1c62-1c7fd9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161008Z-17db6f7c8cf96l6t7bwyfgbkhw000000046g0000000045eb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:08 UTC	2980	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"

Session ID	Source IP	Source Port	Destination IP	Destination Port
7	192.168.2.8	49737	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:08 UTC	192	OUT	GET /rules/rule120608v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:08 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:08 GMT Content-Type: text/xml Content-Length: 2160 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA3B95D81" x-ms-request-id: b913ea27-a01e-0002-1718-1c5074000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161008Z-17db6f7c8cf8rgvlb86c9c0098000000035000000000c2yf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:08 UTC	2160	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
8	192.168.2.8	49734	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:08 UTC	192	OUT	GET /rules/rule224902v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:08 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:08 GMT Content-Type: text/xml Content-Length: 450 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT ETag: "0x8DC582BD4C869AE" x-ms-request-id: d08e5818-a01e-003d-3417-1c98d7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161008Z-17db6f7c8cf9c22xp43k2gbqvn00000002vg000000000xa3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:08 UTC	450	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN

Session ID	Source IP	Source Port	Destination IP	Destination Port
9	192.168.2.8	49738	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:08 UTC	192	OUT	GET /rules/rule120609v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:08 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:08 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB56D3AFB" x-ms-request-id: 695c64e8-001e-0034-5de7-1add04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161008Z-17db6f7c8cfnqpbkckdefmqa44000000051g00000000dvwa x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:08 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.8	49740	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:09 UTC	192	OUT	GET /rules/rule120610v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:09 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT ETag: "0x8DC582B9964B277" x-ms-request-id: b1e48aa2-701e-0053-2fa3-1b3a0a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161009Z-17db6f7c8cfbd7pgux3k6qfa600000000420000000005npk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:09 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.8	49739	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:09 UTC	192	OUT	GET /rules/rule120611v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:09 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT ETag: "0x8DC582B9F6F3512" x-ms-request-id: 66411a6b-c01e-00a1-1eca-1a7e4a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161009Z-17db6f7c8cf5mtxmr1c51513n000000005b00000000066rb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:09 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.8	49742	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:09 UTC	192	OUT	GET /rules/rule120613v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:09 GMT Content-Type: text/xml Content-Length: 632 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6E3779E" x-ms-request-id: c77ee0be-a01e-0032-0c24-1b1949000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161009Z-17db6f7c8cf6qp7g7r97wxgbqc00000004k0000000000fs5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:09 UTC	632	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]\|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.8	49743	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:09 UTC	192	OUT	GET /rules/rule120614v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:09 GMT Content-Type: text/xml Content-Length: 467 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6C038BC" x-ms-request-id: dbc5b3b7-c01e-00a2-28e5-1a2327000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161009Z-17db6f7c8cfspvtq2pgqb2w5k0000000051g00000000582u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:09 UTC	467	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.8	49741	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:09 UTC	192	OUT	GET /rules/rule120612v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:09 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:09 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT ETag: "0x8DC582BB10C598B" x-ms-request-id: a417ae39-101e-008e-1f1c-1bcf88000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161009Z-17db6f7c8cfhrxld7punfw920n00000003z0000000001hg4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:09 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.8	49744	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:10 UTC	192	OUT	GET /rules/rule120615v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:10 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:10 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBAD04B7B" x-ms-request-id: c9e2a668-e01e-001f-5fd7-1a1633000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161010Z-17db6f7c8cfvzwz27u5rnq9kpc00000005f0000000005y1a x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:10 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.8	49746	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:10 UTC	192	OUT	GET /rules/rule120617v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:10 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT ETag: "0x8DC582BA310DA18" x-ms-request-id: 458f517b-301e-000c-2fe6-1a323f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161010Z-17db6f7c8cf5mtxmr1c51513n000000005a0000000008f38 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.8	49747	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:10 UTC	192	OUT	GET /rules/rule120618v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:10 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:10 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT ETag: "0x8DC582B9018290B" x-ms-request-id: 4a155f70-001e-0017-2dd7-1a0c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161010Z-17db6f7c8cfqxt4wrzg7st2fm8000000054000000000f3rp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:10 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.8	49748	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:10 UTC	192	OUT	GET /rules/rule120619v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:10 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT ETag: "0x8DC582B9698189B" x-ms-request-id: 6fbaa347-101e-0034-2f47-1c96ff000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161010Z-17db6f7c8cfpm9w8b1ybgtytds000000032g00000000627x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.8	49745	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:10 UTC	192	OUT	GET /rules/rule120616v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:10 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB344914B" x-ms-request-id: bef1d05a-c01e-0034-2ea3-1b2af6000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161010Z-17db6f7c8cfvq8pt2ak3arkg6n000000033g000000008a0g x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
20	192.168.2.8	49749	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:11 UTC	192	OUT	GET /rules/rule120620v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:11 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA701121" x-ms-request-id: 23cc8f65-401e-0048-2a25-1c0409000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161011Z-17db6f7c8cfpm9w8b1ybgtytds00000002y000000000evzn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
21	192.168.2.8	49751	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:11 UTC	192	OUT	GET /rules/rule120622v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:11 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8CEAC16" x-ms-request-id: b287654a-001e-0017-109b-1b0c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161011Z-17db6f7c8cfhrxld7punfw920n00000003y000000000392e x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
22	192.168.2.8	49750	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:11 UTC	192	OUT	GET /rules/rule120621v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:11 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:11 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA41997E3" x-ms-request-id: b85ce019-d01e-0028-4fe2-1a7896000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161011Z-17db6f7c8cfhrxld7punfw920n00000003wg000000006b4c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:11 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
23	192.168.2.8	49752	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:11 UTC	192	OUT	GET /rules/rule120623v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:11 GMT Content-Type: text/xml Content-Length: 464 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97FB6C3C" x-ms-request-id: 92873adb-b01e-003e-0957-1c8e41000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161011Z-17db6f7c8cfcrfgzd01a8emnyg00000002rg00000000110z x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	464	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.8	49753	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:11 UTC	192	OUT	GET /rules/rule120624v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:11 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB7010D66" x-ms-request-id: 55879866-201e-0033-5b1c-1cb167000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161011Z-17db6f7c8cf8rgvlb86c9c0098000000039g000000003v22 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
25	192.168.2.8	49754	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:12 UTC	192	OUT	GET /rules/rule120625v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:12 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT ETag: "0x8DC582B9748630E" x-ms-request-id: 94304cac-901e-0048-809f-1bb800000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161012Z-17db6f7c8cfhrxld7punfw920n00000003t000000000dk9r x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
26	192.168.2.8	49755	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:12 UTC	192	OUT	GET /rules/rule120626v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:12 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DACDF62" x-ms-request-id: 94af937e-501e-0047-50ca-1ace6c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161012Z-17db6f7c8cfbr2wt66emzt78g400000004pg000000007fe6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
27	192.168.2.8	49756	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:12 UTC	192	OUT	GET /rules/rule120627v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:12 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT ETag: "0x8DC582B9E8EE0F3" x-ms-request-id: fa6a24a8-e01e-0099-78e3-1ada8a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161012Z-17db6f7c8cfhzb2znbk0zyvf6n00000004q000000000fc27 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
28	192.168.2.8	49758	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:12 UTC	192	OUT	GET /rules/rule120629v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:12 GMT Content-Type: text/xml Content-Length: 428 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC4F34CA" x-ms-request-id: 6ca0adc2-b01e-0021-19e3-1acab7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161012Z-17db6f7c8cfspvtq2pgqb2w5k000000004yg00000000cd3w x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	428	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.8	49757	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:12 UTC	192	OUT	GET /rules/rule120628v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:12 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:12 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C8E04C8" x-ms-request-id: b59689ad-601e-005c-3fe1-1af06f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161012Z-17db6f7c8cfbr2wt66emzt78g400000004n000000000ata5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:12 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.8	49760	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120631v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:13 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B988EBD12" x-ms-request-id: 3776c2af-901e-0048-1a6f-1cb800000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161013Z-17db6f7c8cfmhggkx889x958tc000000027g00000000cwef x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:13 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.8	49759	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120630v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:13 GMT Content-Type: text/xml Content-Length: 499 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT ETag: "0x8DC582B98CEC9F6" x-ms-request-id: b009cb16-301e-0051-17aa-1b38bb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161013Z-17db6f7c8cfgqlr45m385mnngs00000003ng00000000b3bt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:13 UTC	499	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
32	192.168.2.8	49761	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120632v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:13 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5815C4C" x-ms-request-id: 9dc98f41-601e-0097-4647-1cf33a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161013Z-17db6f7c8cfqxt4wrzg7st2fm800000005ag0000000016vc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:13 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
33	192.168.2.8	49763	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120634v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:13 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8972972" x-ms-request-id: 1507c9f1-d01e-007a-72eb-1af38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161013Z-17db6f7c8cfhrxld7punfw920n00000003xg000000004ezn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:13 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
34	192.168.2.8	49762	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120633v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:13 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:13 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB32BB5CB" x-ms-request-id: d4fa587e-101e-008e-331f-1ccf88000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161013Z-17db6f7c8cfvq8pt2ak3arkg6n00000003700000000006wy x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:13 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.8	49764	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:13 UTC	192	OUT	GET /rules/rule120635v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 420 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DAE3EC0" x-ms-request-id: c832ddd9-b01e-0084-55ca-1ad736000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cf5mtxmr1c51513n000000005ag000000006w01 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	420	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O

Session ID	Source IP	Source Port	Destination IP	Destination Port
36	192.168.2.8	49765	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120636v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D43097E" x-ms-request-id: 30f6abec-501e-005b-072b-1ad7f7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cfbd7pgux3k6qfa6000000003xg00000000e0wr x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
37	192.168.2.8	49766	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120637v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT ETag: "0x8DC582BA909FA21" x-ms-request-id: 69483ed4-001e-0034-56df-1add04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cf6qp7g7r97wxgbqc00000004gg000000003n3b x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
38	192.168.2.8	49768	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120639v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 423 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT ETag: "0x8DC582BB7564CE8" x-ms-request-id: f4abfb5c-001e-00a2-33e5-1ad4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cf4g2pjavqhm24vp400000005bg000000005vax x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	423	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0

Session ID	Source IP	Source Port	Destination IP	Destination Port
39	192.168.2.8	49767	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120638v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT ETag: "0x8DC582B92FCB436" x-ms-request-id: 4ea1e91c-d01e-0066-2741-1cea17000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cfjxfnba42c5rukwg00000001z000000000gvsf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
40	192.168.2.8	49769	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120640v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:14 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:14 GMT Content-Type: text/xml Content-Length: 478 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT ETag: "0x8DC582B9B233827" x-ms-request-id: 49fa3939-001e-0017-20cd-1a0c3c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161014Z-17db6f7c8cfq2j6f03aq9y8dns00000004b000000000732b x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:14 UTC	478	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
41	192.168.2.8	49770	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:14 UTC	192	OUT	GET /rules/rule120642v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT ETag: "0x8DC582BB046B576" x-ms-request-id: 7c051060-401e-008c-630d-1c86c2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cf96l6t7bwyfgbkhw000000047g000000001bdq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
42	192.168.2.8	49771	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120641v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B95C61A3C" x-ms-request-id: 421ec19d-901e-002a-55e6-1c7a27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfjxfnba42c5rukwg000000020000000000e1e2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
43	192.168.2.8	49773	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120644v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7D702D0" x-ms-request-id: 5aec4ebb-b01e-0002-57ca-1a1b8f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfnqpbkckdefmqa44000000053g0000000094ev x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
44	192.168.2.8	49772	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120643v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 400 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2D62837" x-ms-request-id: f87a91c5-201e-0085-2157-1c34e3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfcrfgzd01a8emnyg00000002pg000000006cr8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	400	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
45	192.168.2.8	49774	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120645v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 425 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BBA25094F" x-ms-request-id: 0fbb1da2-e01e-0085-1521-1cc311000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfjxfnba42c5rukwg0000000260000000001fxr x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	425	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=

Session ID	Source IP	Source Port	Destination IP	Destination Port
46	192.168.2.8	49775	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120646v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2BE84FD" x-ms-request-id: b2260943-f01e-0052-0b1c-1c9224000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cf9c22xp43k2gbqvn00000002r000000000aab0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
47	192.168.2.8	49776	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120647v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 448 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB389F49B" x-ms-request-id: c027d4fd-301e-005d-2016-1ce448000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfvtw4hh2496wp8p800000003p0000000000zqe x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	448	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>

Session ID	Source IP	Source Port	Destination IP	Destination Port
48	192.168.2.8	49777	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120648v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:15 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 491 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B98B88612" x-ms-request-id: 9ba87e07-d01e-008e-2ae9-1a387a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cffhvbz3mt0ydz7x4000000039000000000bf1s x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:15 UTC	491	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
49	192.168.2.8	49778	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:15 UTC	192	OUT	GET /rules/rule120649v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:15 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT ETag: "0x8DC582BAEA4B445" x-ms-request-id: 06589d36-d01e-0065-18bf-1ab77a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161015Z-17db6f7c8cfhzb2znbk0zyvf6n00000004q000000000fc5v x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
50	192.168.2.8	49779	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:16 UTC	192	OUT	GET /rules/rule120650v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:16 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989EE75B" x-ms-request-id: 4508f1f3-f01e-0096-78e2-1a10ef000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161016Z-17db6f7c8cfbd7pgux3k6qfa6000000003x000000000fqs5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
51	192.168.2.8	49781	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:16 UTC	192	OUT	GET /rules/rule120652v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:16 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97E6FCDD" x-ms-request-id: 24993946-c01e-008e-55d7-1a7381000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161016Z-17db6f7c8cfbd7pgux3k6qfa60000000041g00000000657f x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
52	192.168.2.8	49780	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:16 UTC	192	OUT	GET /rules/rule120651v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:16 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: 77f86656-001e-000b-08e7-1a15a7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161016Z-17db6f7c8cfhzb2znbk0zyvf6n00000004w0000000003wu6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
53	192.168.2.8	49782	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:16 UTC	192	OUT	GET /rules/rule120653v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:16 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C710B28" x-ms-request-id: 01727dbb-701e-0032-7b9f-1ba540000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161016Z-17db6f7c8cfq2j6f03aq9y8dns000000047000000000ent2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
54	192.168.2.8	49783	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:16 UTC	192	OUT	GET /rules/rule120654v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:16 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:16 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT ETag: "0x8DC582BA54DCC28" x-ms-request-id: bf053e75-701e-000d-6f20-1b6de3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161016Z-17db6f7c8cfq2j6f03aq9y8dns000000047g00000000dtb6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:16 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
55	192.168.2.8	49784	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120655v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7F164C3" x-ms-request-id: c0284108-301e-005d-6416-1ce448000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cfvtw4hh2496wp8p800000003kg000000006y0c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
56	192.168.2.8	49786	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120657v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT ETag: "0x8DC582B9FF95F80" x-ms-request-id: 150221b2-d01e-007a-13e9-1af38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cf96l6t7bwyfgbkhw0000000440000000009ptt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
57	192.168.2.8	49785	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120656v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT ETag: "0x8DC582BA48B5BDD" x-ms-request-id: 7a29fcb1-e01e-0003-091e-1c0fa8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cfp6mfve0htepzbps00000004kg000000005cga x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
58	192.168.2.8	49787	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120658v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT ETag: "0x8DC582BB650C2EC" x-ms-request-id: 90f8132d-901e-002a-0d47-1c7a27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cfpm9w8b1ybgtytds00000003300000000053r3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
59	192.168.2.8	49788	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120659v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3EAF226" x-ms-request-id: 8f8e431e-b01e-0097-6fac-1b4f33000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cf6f7vv3recfp4a6w000000024g00000000b4kb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I

Session ID	Source IP	Source Port	Destination IP	Destination Port
60	192.168.2.8	49789	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:17 UTC	192	OUT	GET /rules/rule120660v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:17 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:17 GMT Content-Type: text/xml Content-Length: 485 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT ETag: "0x8DC582BB9769355" x-ms-request-id: 7a709d5d-301e-0099-436d-1c6683000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161017Z-17db6f7c8cf9wwz8ehu7c5p33g00000002b000000000c0vm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:17 UTC	485	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
61	192.168.2.8	49791	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120662v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 470 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBB181F65" x-ms-request-id: e64af527-401e-0015-1bcc-1a0e8d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfspvtq2pgqb2w5k0000000050g000000007y35 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	470	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
62	192.168.2.8	49790	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120661v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 411 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989AF051" x-ms-request-id: d286cfb1-001e-0079-076b-1c12e8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfvzwz27u5rnq9kpc00000005g0000000003ggq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	411	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
63	192.168.2.8	49792	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120663v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB556A907" x-ms-request-id: 640ec2fa-901e-0083-59e1-1abb55000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfvzwz27u5rnq9kpc00000005f0000000005yp4 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
64	192.168.2.8	49793	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120664v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 502 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6A0D312" x-ms-request-id: 23e49b38-a01e-001e-1147-1c49ef000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfcl4jvqfdxaxz9w800000002eg00000000bruc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	502	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
65	192.168.2.8	49794	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120665v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D30478D" x-ms-request-id: 94508d5b-e01e-0052-6824-1ad9df000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfwtn5x6ye8p8q9m000000003r0000000006xar x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
66	192.168.2.8	49795	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120666v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:18 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3F48DAE" x-ms-request-id: a84dc0aa-d01e-002b-1b83-1b25fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cfhrxld7punfw920n00000003sg00000000ffch x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:18 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
67	192.168.2.8	49796	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:18 UTC	192	OUT	GET /rules/rule120667v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:19 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:18 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BB9B6040B" x-ms-request-id: d2b2f6f8-f01e-0085-0622-1c88ea000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161018Z-17db6f7c8cf6f7vv3recfp4a6w000000021g00000000fs17 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:19 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
68	192.168.2.8	49797	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:19 UTC	192	OUT	GET /rules/rule120668v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:19 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:19 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3CAEBB8" x-ms-request-id: 1bfa4875-a01e-0084-0b1c-1c9ccd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161019Z-17db6f7c8cfcrfgzd01a8emnyg00000002pg000000006czc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:19 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
69	192.168.2.8	49798	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:19 UTC	192	OUT	GET /rules/rule120669v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:19 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:19 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT ETag: "0x8DC582BB5284CCE" x-ms-request-id: c0a86c07-d01e-007a-0a2f-1cf38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161019Z-17db6f7c8cfhzb2znbk0zyvf6n00000004qg00000000fhnq x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:19 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
70	192.168.2.8	49799	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:19 UTC	192	OUT	GET /rules/rule120670v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:19 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:19 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91EAD002" x-ms-request-id: 24028bf8-401e-00a3-4b1c-1c8b09000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161019Z-17db6f7c8cfjxfnba42c5rukwg0000000250000000003prt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:19 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
71	192.168.2.8	49800	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:20 UTC	192	OUT	GET /rules/rule120671v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:20 GMT Content-Type: text/xml Content-Length: 432 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT ETag: "0x8DC582BAABA2A10" x-ms-request-id: 581fb33a-501e-00a0-339b-1b9d9f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161020Z-17db6f7c8cfvq8pt2ak3arkg6n000000031g00000000cty5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:20 UTC	432	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T

Session ID	Source IP	Source Port	Destination IP	Destination Port
72	192.168.2.8	49801	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:20 UTC	192	OUT	GET /rules/rule120672v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:20 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA740822" x-ms-request-id: 69457385-001e-0034-42de-1add04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161020Z-17db6f7c8cf5mtxmr1c51513n000000005cg00000000316w x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:20 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
73	192.168.2.8	49802	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:20 UTC	192	OUT	GET /rules/rule120673v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:20 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT ETag: "0x8DC582BB464F255" x-ms-request-id: fb28d4b6-101e-0028-4b69-1c8f64000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161020Z-17db6f7c8cf9c22xp43k2gbqvn00000002qg00000000bt7q x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:20 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
74	192.168.2.8	49803	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:20 UTC	192	OUT	GET /rules/rule120674v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:20 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA4037B0D" x-ms-request-id: eb876971-601e-0001-084f-1cfaeb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161020Z-17db6f7c8cfcrfgzd01a8emnyg00000002hg00000000dafn x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:20 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
75	192.168.2.8	49804	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:20 UTC	192	OUT	GET /rules/rule120675v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:20 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:20 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6CF78C8" x-ms-request-id: 7d3f2e15-101e-00a2-5aca-1a9f2e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161020Z-17db6f7c8cfnqpbkckdefmqa440000000560000000004edg x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:20 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
76	192.168.2.8	49805	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:21 UTC	192	OUT	GET /rules/rule120676v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:21 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:21 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B984BF177" x-ms-request-id: 284a1447-301e-0000-211b-1ceecc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161021Z-17db6f7c8cfvq8pt2ak3arkg6n000000033g000000008ak0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:21 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.8	49806	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:21 UTC	192	OUT	GET /rules/rule120677v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:21 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:21 GMT Content-Type: text/xml Content-Length: 405 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT ETag: "0x8DC582B942B6AFF" x-ms-request-id: 67a092be-301e-0099-76e2-1a6683000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161021Z-17db6f7c8cfhzb2znbk0zyvf6n00000004s000000000c3w2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:21 UTC	405	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
78	192.168.2.8	49808	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:21 UTC	192	OUT	GET /rules/rule120679v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:21 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:21 GMT Content-Type: text/xml Content-Length: 174 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT ETag: "0x8DC582B91D80E15" x-ms-request-id: 36d40921-f01e-0085-6daa-1c88ea000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161021Z-17db6f7c8cfspvtq2pgqb2w5k000000004w000000000ggvt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:21 UTC	174	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>

Session ID	Source IP	Source Port	Destination IP	Destination Port
79	192.168.2.8	49809	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:21 UTC	192	OUT	GET /rules/rule120680v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:21 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:21 GMT Content-Type: text/xml Content-Length: 1952 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B956B0F3D" x-ms-request-id: 739bd3f0-001e-0034-450f-1cdd04000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161021Z-17db6f7c8cf8rgvlb86c9c0098000000035000000000c49n x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:21 UTC	1952	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
80	192.168.2.8	49807	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:21 UTC	192	OUT	GET /rules/rule120678v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:21 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:21 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA642BF4" x-ms-request-id: 38d12744-701e-0050-7297-1b6767000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161021Z-17db6f7c8cf9c22xp43k2gbqvn00000002ng00000000fsse x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:21 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
81	192.168.2.8	49811	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	192	OUT	GET /rules/rule120682v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:22 GMT Content-Type: text/xml Content-Length: 501 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT ETag: "0x8DC582BACFDAACD" x-ms-request-id: f76b9983-801e-0047-0eec-1a7265000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161022Z-17db6f7c8cfqkqk8bn4ck6f72000000004tg00000000f1f0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:22 UTC	501	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
82	192.168.2.8	49810	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	192	OUT	GET /rules/rule120681v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:22 UTC	470	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:22 GMT Content-Type: text/xml Content-Length: 958 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT ETag: "0x8DC582BA0A31B3B" x-ms-request-id: f4b6e6ad-001e-00a2-4de9-1ad4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161022Z-17db6f7c8cfhzb2znbk0zyvf6n00000004q000000000fcf0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:22 UTC	958	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.8	49812	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	193	OUT	GET /rules/rule120602v10s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:22 UTC	584	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:22 GMT Content-Type: text/xml Content-Length: 2592 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5B890DB" x-ms-request-id: 5e4857da-301e-0051-0d6e-1d38bb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161022Z-17db6f7c8cfcl4jvqfdxaxz9w800000002g0000000009a27 x-fd-int-roxy-purgeid: 0 X-Cache-Info: L1_T2 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:22 UTC	2592	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=

Session ID	Source IP	Source Port	Destination IP	Destination Port
84	192.168.2.8	49813	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	192	OUT	GET /rules/rule120601v3s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:22 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:22 GMT Content-Type: text/xml Content-Length: 3342 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT ETag: "0x8DC582B927E47E9" x-ms-request-id: 2551f31e-501e-00a3-36a9-1cc0f2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161022Z-17db6f7c8cf9wwz8ehu7c5p33g00000002f0000000002uf2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:22 UTC	3342	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI

Session ID	Source IP	Source Port	Destination IP	Destination Port
85	192.168.2.8	49814	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	193	OUT	GET /rules/rule224901v11s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:22 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:22 GMT Content-Type: text/xml Content-Length: 2284 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT ETag: "0x8DC582BCD58BEEE" x-ms-request-id: 0cb7a61f-501e-0064-6562-1c1f54000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161022Z-17db6f7c8cf9wwz8ehu7c5p33g00000002e0000000005eh1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:22 UTC	2284	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"

Session ID	Source IP	Source Port	Destination IP	Destination Port
86	192.168.2.8	49815	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	192	OUT	GET /rules/rule701201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:23 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:23 GMT Content-Type: text/xml Content-Length: 1393 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT ETag: "0x8DC582BE3E55B6E" x-ms-request-id: 588a334f-a01e-0098-1acf-1a8556000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161023Z-17db6f7c8cfqkqk8bn4ck6f72000000004z0000000002w3t x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:23 UTC	1393	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"

Session ID	Source IP	Source Port	Destination IP	Destination Port
87	192.168.2.8	49816	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:22 UTC	192	OUT	GET /rules/rule701200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net

Session ID	Source IP	Source Port	Destination IP	Destination Port
88	192.168.2.8	49817	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:23 UTC	192	OUT	GET /rules/rule700201v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net

Session ID	Source IP	Source Port	Destination IP	Destination Port
89	192.168.2.8	49818	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:23 UTC	192	OUT	GET /rules/rule700200v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:23 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:23 GMT Content-Type: text/xml Content-Length: 1356 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT ETag: "0x8DC582BDF66E42D" x-ms-request-id: 3704a696-901e-0048-3641-1cb800000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161023Z-17db6f7c8cfcrfgzd01a8emnyg00000002n000000000996t x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:23 UTC	1356	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">

Session ID	Source IP	Source Port	Destination IP	Destination Port
90	192.168.2.8	49819	13.107.246.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-13 16:10:23 UTC	192	OUT	GET /rules/rule702351v1s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-13 16:10:23 UTC	563	IN	HTTP/1.1 200 OK Date: Sun, 13 Oct 2024 16:10:23 GMT Content-Type: text/xml Content-Length: 1395 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT ETag: "0x8DC582BE017CAD3" x-ms-request-id: b7d01dc4-701e-0032-5f3b-1ca540000000 x-ms-version: 2018-03-28 x-azure-ref: 20241013T161023Z-17db6f7c8cfvq8pt2ak3arkg6n000000034g000000006152 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-13 16:10:23 UTC	1395	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 1640, Parent PID: 6020

General

Target ID:	0
Start time:	12:08:52
Start date:	13/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 1528, Parent PID: 1640

General

Target ID:	2
Start time:	12:08:55
Start date:	13/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1912,i,17811236556600939790,4215623662459134640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 5900, Parent PID: 6020

General

Target ID:	3
Start time:	12:08:57
Start date:	13/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

World Map of Contacted IPs

Public IPs

Private

General Information

Errors

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

C:\Users\user\Downloads\b2082218-ebe9-4ea0-a51e-be0a32003707.tmp

C:\Users\user\Downloads\segoeui-light.ttf (copy)

C:\Users\user\Downloads\segoeui-light.ttf.crdownload

Chrome Cache Entry: 66

Static File Info

File Icon

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 1640, Parent PID: 6020

General

Chronological Activities

Analysis Process: chrome.exePID: 1528, Parent PID: 1640

General

Windows Analysis Report
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.ttf