Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==

Overview

General Information

Sample URL:https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==
Analysis ID:1541376
Infos:
Errors
  • URL not reachable

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3816 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6056 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2016,i,15713423510889815300,16626858676519988976,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6968 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1Host: docusign.cureprojecti.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1Host: docusign.cureprojecti.euConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1Host: docusign.cureprojecti.euConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1Host: docusign.cureprojecti.euConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1Host: docusign.cureprojecti.euConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: docusign.cureprojecti.eu
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: classification engineClassification label: unknown0.win@19/6@4/4
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2016,i,15713423510889815300,16626858676519988976,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2016,i,15713423510889815300,16626858676519988976,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    docusign.cureprojecti.eu
    		104.234.37.42
    		truefalse
      		unknown
      s-part-0017.t-0009.t-msedge.net
      		13.107.246.45
      		truefalse
        		unknown
        www.google.com
        		142.250.184.196
        		truefalse
          		unknown
          fp2e7a.wpc.phicdn.net
          		192.229.221.95
          		truefalse
            		unknown

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==false
              		unknown

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              142.250.184.196
              		www.google.comUnited States
              		15169GOOGLEUSfalse
              239.255.255.250
              		unknownReserved
              		unknownunknownfalse
              104.234.37.42
              		docusign.cureprojecti.euCanada
              		30407VELCOMCAfalse

              Private

              IP
              192.168.2.5

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1541376
              Start date and time:2024-10-24 18:46:05 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 1m 56s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:browseurl.jbs
              Sample URL:https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:6
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • HCA enabled
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Detection:UNKNOWN
              Classification:unknown0.win@19/6@4/4
              EGA Information:Failed
              HCA Information:
              • Successful, ratio: 100%
              • Number of executed functions: 0
              • Number of non-executed functions: 0
              Cookbook Comments:
              • URL browsing timeout or error

              Errors

              • URL not reachable

              Warnings

              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
              • Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.185.238, 64.233.167.84, 34.104.35.123, 20.109.210.53, 199.232.210.172, 192.229.221.95, 20.242.39.171
              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
              • Not all processes where analyzed, report is missing behavior information
              • Report size getting too big, too many NtSetInformationFile calls found.
              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
              • VT rate limit hit for: https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ==

              Simulations

              Behavior and APIs

              No simulations

              Joe Sandbox View / Context

              IPs

              No context

              Domains

              No context

              ASNs

              No context

              JA3 Fingerprints

              No context

              Dropped Files

              No context

              Created / dropped Files

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:47:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2677
              Entropy (8bit):3.9810975282470555
              Encrypted:false
              SSDEEP:48:88dsTQsnH0cidAKZdA19ehwiZUklqehwy+3:8rnbTy
              MD5:6A4E4FC860118887426138BD1F64EC17
              SHA1:CA705A7C88DC4CF99CC1B7E6F289DAA7466222F9
              SHA-256:F68C5AE52474BA63FBAAE7DEC3C242966DBA17136809DBDDD9E6982FC02A42DE
              SHA-512:5029C7194D37C6291F8FB64677F2756464A602397154EA34A08BCA80F7540AE03551CDAAC5805844E0C6609C07A603F46FBF5F0A34789E89CF57D072D13468B6
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,....-..Y4&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:47:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2679
              Entropy (8bit):3.996945305260832
              Encrypted:false
              SSDEEP:48:8jdsTQsnH0cidAKZdA1weh/iZUkAQkqehDy+2:8inp9QSy
              MD5:A109377A5B3377EA923AEB15A716D345
              SHA1:29D042D91B2E6ADE3DA25681A9381AE5B23FB88C
              SHA-256:01CF382E81B2D470C676A094B70E32721BD5A353123C04003FD28D8B148E1EBA
              SHA-512:CBFC5574FA1EBB3AB41CE0AA8B1BEF9271CDD9A408F474959E48B5DE88BC0EDDA2309BBD6BF734062FB16E82D786F665FC2787C4C222F629579D8ACE572FDF3B
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......Y4&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2693
              Entropy (8bit):4.007538871636484
              Encrypted:false
              SSDEEP:48:8xVdsTQssH0cidAKZdA14tseh7sFiZUkmgqeh7sdy+BX:8xUnknXy
              MD5:99536385FE31DC1BDF617A273CB2EC42
              SHA1:30802DF0E4B6D4F2CAC28ACE43B2E2B6F324F4AF
              SHA-256:1E5EBE3A14016E34C150288EF689D28CD888C53AE2B33B37295D0DF2A129DBA9
              SHA-512:B8C91596917B437E808E9E0CE9E6BB903E5E7BD0E8581989458D6D189EB2AD173E4E86A754EEEA6CB79562B8E329C88C9BD1849B774A4809806B81877AC25511
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:47:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.9941552552801465
              Encrypted:false
              SSDEEP:48:8KdsTQsnH0cidAKZdA1vehDiZUkwqehfy+R:85nqFy
              MD5:AFBD657FC25EDE63EEC61B84C20C47A0
              SHA1:A81D339577F168E9A8009C6776BD5AA6DC666D53
              SHA-256:A499E764BCBDE1922D166AFD447729EB56DCE18517958EB6FE14E95E016584C0
              SHA-512:3D06BA2FB64E7DE6314C87BB3A9161BBE2FAAA40407ECC1E2588419939089FD027E82513750B5C0CE8639E776F8085E804A46BB429F95A06F7636F0C3F0CD1E9
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,.....f.Y4&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:47:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.9847073564765076
              Encrypted:false
              SSDEEP:48:8SdsTQsnH0cidAKZdA1hehBiZUk1W1qehhy+C:8hnK9By
              MD5:895621550469A1F1EAB6D248F7B61C93
              SHA1:B6212E9CE85483D54266FE8A4BC8DCD26447E899
              SHA-256:2E36D0697A5982DA7FCEF2674CED46E8B267E426F433538D6DBDA701629632CD
              SHA-512:390A84EB50C19F5CDB1FB8EA5524880848DB3E5FACF133FA6FC19FB38CAF9D31B6F1FD08FEC103B1070A1E02864562664D38F68F5A9E466B31C56B7E626D6475
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,.......Y4&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 15:47:02 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2683
              Entropy (8bit):3.9921449827542657
              Encrypted:false
              SSDEEP:48:8rdsTQsnH0cidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbXy+yT+:8KnUT/TbxWOvTbXy7T
              MD5:051F0E56E7755AF8C18956A9CA5F0FB2
              SHA1:AE0FAF93FC4299EAA2F16B9B5C7D0A0C99DF05B4
              SHA-256:B60A627201FEF57776C8818DA85325616308256ED729419F6C77CD72C27ADD2A
              SHA-512:3665FAEF73E311F17E1163B2AFAE51F4DCDFC9296D0C44C31525AD6E2C1884356EA647DA5D994D6A3ECDC87D800DD1EE2B2D8B8A5036019599E8811F1657C40D
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,.......Y4&..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VXY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VXY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VXY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............~.k.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 24, 2024 18:46:54.025767088 CEST49674443192.168.2.523.1.237.91
              Oct 24, 2024 18:46:54.025849104 CEST49675443192.168.2.523.1.237.91
              Oct 24, 2024 18:46:54.166366100 CEST49673443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:02.333879948 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.333925962 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:02.334003925 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.334232092 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.334336042 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:02.334417105 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.334602118 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.334619045 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:02.334974051 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:02.335010052 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.007545948 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.011292934 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.011307955 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.012868881 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.012960911 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.014169931 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.014269114 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.014385939 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.014404058 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.121023893 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.213624954 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.226061106 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.226125956 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.229463100 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.229567051 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.238049030 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.238300085 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.290827036 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.290877104 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.337479115 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.635307074 CEST49675443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:03.635533094 CEST49674443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:03.768054008 CEST49673443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:03.826164007 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.826313019 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:03.826493979 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.973623991 CEST49709443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:03.973647118 CEST44349709104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:04.972296000 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:04.972358942 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:04.972434044 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:04.972668886 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:04.972687006 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:05.020385027 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.020488024 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.020574093 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.021114111 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.021152020 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.028338909 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.075340033 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.788752079 CEST4434970323.1.237.91192.168.2.5
              Oct 24, 2024 18:47:05.788959980 CEST49703443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:05.791349888 CEST4434970323.1.237.91192.168.2.5
              Oct 24, 2024 18:47:05.791419029 CEST49703443192.168.2.523.1.237.91
              Oct 24, 2024 18:47:05.796041012 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.796458960 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.796492100 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.796961069 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.797554016 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.797636032 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.817193985 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.817254066 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.817339897 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.817570925 CEST49710443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.817605019 CEST44349710104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.818039894 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:05.863338947 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:05.941485882 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:05.941863060 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:05.941890955 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:05.943527937 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:05.943615913 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:05.944751978 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:05.944839001 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:05.962816000 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:05.962831974 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:05.962939978 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:05.964802980 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:05.964818001 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:05.991549015 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:05.991563082 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:06.034939051 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:06.586241961 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:06.586396933 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:06.586493015 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:06.587958097 CEST49715443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:06.588001013 CEST44349715104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:06.588670969 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:06.588747978 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:06.588890076 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:06.589142084 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:06.589174986 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:06.815047026 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:06.815181971 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:06.819294930 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:06.819310904 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:06.819560051 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:06.862334013 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:06.903359890 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.105947018 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.106028080 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.106204033 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.106378078 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.106430054 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.106463909 CEST49716443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.106481075 CEST44349716184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.140376091 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.140433073 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.140686989 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.140979052 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:07.141028881 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:07.259291887 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:07.260241985 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:07.260305882 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:07.261389017 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:07.261859894 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:07.262037992 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:07.262044907 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:07.306543112 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:07.306586027 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:08.005697966 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.005776882 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.006968975 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.006980896 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.007219076 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.008145094 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.051371098 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.057140112 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:08.057277918 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:08.057539940 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:08.066617966 CEST49717443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:08.066641092 CEST44349717104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:08.255826950 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.256000042 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.256366014 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.256675959 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.256675959 CEST49718443192.168.2.5184.28.90.27
              Oct 24, 2024 18:47:08.256731033 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:08.256759882 CEST44349718184.28.90.27192.168.2.5
              Oct 24, 2024 18:47:13.224705935 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.224792004 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:13.224896908 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.229269028 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.229350090 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:13.229434013 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.230066061 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.230112076 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:13.230304956 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:13.230326891 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.091403008 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.091924906 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.091964006 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.092510939 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.094647884 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.095474005 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.095628023 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.096152067 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.096184015 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.096493959 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.096673965 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.097515106 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.097568035 CEST44349720104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.139343977 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.148878098 CEST49720443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.731137991 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:14.731210947 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:14.731290102 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:14.731820107 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:14.731837988 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:14.984574080 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.984663963 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:14.984756947 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.985811949 CEST49719443192.168.2.5104.234.37.42
              Oct 24, 2024 18:47:14.985857010 CEST44349719104.234.37.42192.168.2.5
              Oct 24, 2024 18:47:15.729460001 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.729545116 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.730938911 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.730951071 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.731206894 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.738591909 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.779373884 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.970139027 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.970165968 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.970184088 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.970313072 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.970313072 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.970341921 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.970396996 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.991842031 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.991862059 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.991930008 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:15.991947889 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:15.992042065 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.044311047 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:16.044395924 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:16.044455051 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:16.089478970 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.089500904 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.089705944 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.089706898 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.089783907 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.089858055 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.108642101 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.108654976 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.108869076 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.108935118 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.109024048 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.111109018 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.111124039 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.111185074 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.111200094 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.111304998 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.114259005 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.114275932 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.114345074 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.114356995 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.114407063 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.209016085 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.209034920 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.209177017 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.209252119 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.209398985 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.227128029 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.227144957 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.227339983 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.227340937 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.227410078 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.227475882 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.229018927 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.229053020 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.229101896 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.229116917 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.229151011 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.229284048 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.231569052 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.231585979 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.231664896 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.231679916 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.231806040 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.233335972 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.233352900 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.233432055 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.233443975 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.233527899 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.326783895 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.326802015 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.326889038 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.326952934 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.327102900 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.345065117 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.345088959 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.345145941 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.345176935 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.345206022 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.345477104 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.345805883 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.345870972 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.345877886 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.345957041 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.346004009 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.346004009 CEST49722443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.346045017 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.346069098 CEST4434972213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.391158104 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.391170979 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.391211987 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.391256094 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.391334057 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.391541958 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.391571999 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.391586065 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.391974926 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.392010927 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.393268108 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.393285990 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.393461943 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.393560886 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.393570900 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.394890070 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.394932985 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.395016909 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.395826101 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.395855904 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.395926952 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.395952940 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:16.396007061 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.396084070 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:16.396091938 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.123234034 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.123640060 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.123703003 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.124667883 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.124969006 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.124984026 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.125067949 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.125080109 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.125482082 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.125487089 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.128143072 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.128448963 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.128463984 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.128839016 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.128849983 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.129591942 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.129853010 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.129863977 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.130270958 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.130275965 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.131696939 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.131961107 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.131978035 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.132345915 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.132350922 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.254882097 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.255037069 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.255106926 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.255266905 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.255266905 CEST49729443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.255309105 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.255337954 CEST4434972913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257283926 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257318020 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257381916 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257391930 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257404089 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257437944 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257456064 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257538080 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257556915 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257565022 CEST49728443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257570028 CEST4434972813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.257965088 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.257981062 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.258035898 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.258208036 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.258213043 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259063959 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259124041 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259301901 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.259418011 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.259418964 CEST49731443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.259433985 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259454966 CEST4434973113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259767056 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.259865046 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.259943008 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.260051012 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.260077000 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.261034966 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.261121035 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.261210918 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.261408091 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.261447906 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287484884 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287549019 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287612915 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.287619114 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287688971 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287743092 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.287763119 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.287769079 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287775993 CEST49730443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.287779093 CEST4434973013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287780046 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287810087 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287870884 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.287889004 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.287929058 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.288044930 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.288044930 CEST49732443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.288058043 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.288065910 CEST4434973213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.289860964 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.289922953 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.289990902 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.290007114 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.290076971 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.290129900 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.290149927 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.290174007 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.290285110 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:17.290313005 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:17.541918039 CEST49714443192.168.2.5142.250.184.196
              Oct 24, 2024 18:47:17.541975975 CEST44349714142.250.184.196192.168.2.5
              Oct 24, 2024 18:47:18.055955887 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.056598902 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.056624889 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.057251930 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.057768106 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.057828903 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.058284998 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.058303118 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.058340073 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.058345079 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.061152935 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.061480045 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.061556101 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.061810970 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.061825991 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.065551996 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.065867901 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.065931082 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.066199064 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.066207886 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.066477060 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.066724062 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.066740990 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.067048073 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.067059040 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.187556028 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.187880993 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.188164949 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.188349009 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.188349009 CEST49734443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.188379049 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.188389063 CEST4434973413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.190414906 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.190498114 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.190577030 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.190679073 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.190699100 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.195354939 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.195467949 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.195566893 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.195652008 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.195652008 CEST49735443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.195696115 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.195724010 CEST4434973513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.197632074 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.197766066 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.197803974 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.197879076 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.198023081 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.198038101 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.198482037 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.198558092 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.198630095 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.198631048 CEST49737443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.198658943 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.198669910 CEST4434973713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.200738907 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.200768948 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.200941086 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.201050043 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.201064110 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.202277899 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.202668905 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.202745914 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.202747107 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.202822924 CEST49736443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.202858925 CEST4434973613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.204736948 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.204749107 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.204865932 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.204921961 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.204972029 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.204988956 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.205003023 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.205029011 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.205111980 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.205111980 CEST49738443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.205127954 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.205148935 CEST4434973813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.207153082 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.207165003 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.207283020 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.207376957 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.207396030 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.925750971 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.926211119 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.926242113 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.927637100 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.927647114 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.929864883 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.930242062 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.930301905 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.930717945 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.930732012 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.939569950 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.940170050 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.940201998 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.940453053 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.940462112 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.944849968 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.945238113 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.945256948 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.945655107 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.945662975 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.946778059 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.947231054 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.947253942 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:18.947582960 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:18.947590113 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.057332993 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.057660103 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.057723999 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.057883978 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.057883978 CEST49743443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.057904005 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.057914972 CEST4434974313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.060741901 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.060830116 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.060909986 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.061074972 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.061093092 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.061626911 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.061964035 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.062016010 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.062104940 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.062130928 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.062156916 CEST49739443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.062170029 CEST4434973913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.064650059 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.064745903 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.064822912 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.064956903 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.064990044 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.077620983 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.077811003 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.077912092 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.077912092 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.077912092 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.078427076 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.079000950 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.079195023 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.079195023 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.079195023 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.080193043 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.080251932 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.080326080 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.080543995 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.080543995 CEST49740443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.080564976 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.080578089 CEST4434974013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.081458092 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.081500053 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.081630945 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.082004070 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.082032919 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.082746983 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.082772970 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.082847118 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.083003998 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.083028078 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.083137989 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.083177090 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.083249092 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.083334923 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.083347082 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.383964062 CEST49741443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.383991003 CEST4434974113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.384058952 CEST49742443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.384105921 CEST4434974213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.783864975 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.784730911 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.784806967 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.785064936 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.785079956 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.794007063 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.794512987 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.794586897 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.794891119 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.794908047 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.823486090 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.823878050 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.823904037 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.824428082 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.824434042 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.824821949 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.825356007 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.825424910 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.825687885 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.825701952 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.831763029 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.832144022 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.832178116 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.832698107 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.832706928 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.923919916 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.924006939 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.924257040 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.924365997 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.924366951 CEST49744443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.924411058 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.924439907 CEST4434974413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.927544117 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.927602053 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.927850962 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.927850962 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.927895069 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.952994108 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.953197002 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.953366995 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.953408957 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.953409910 CEST49748443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.953428984 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.953437090 CEST4434974813.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.956712008 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.956742048 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.956897020 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.957288980 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.957304001 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.962769985 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.962908983 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.962954998 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.963020086 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.963093042 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.963093042 CEST49746443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.963125944 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.963150978 CEST4434974613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.963182926 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.963705063 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.963705063 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.963705063 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966129065 CEST49751443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966140985 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966171980 CEST4434975113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.966228962 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.966305971 CEST49751443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966314077 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966439962 CEST49751443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966448069 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:19.966454983 CEST4434975113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:19.966489077 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.085690975 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.085946083 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.086031914 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.086124897 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.086159945 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.086236000 CEST49745443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.086251974 CEST4434974513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.089406013 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.089426041 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.089602947 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.089956045 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.089962006 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.274667025 CEST49747443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.274699926 CEST4434974713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.672749043 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.673270941 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.673330069 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.673804998 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.673829079 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.697966099 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.698415041 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.698435068 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:20.699064970 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:20.699071884 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.140552044 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.141144991 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.141211033 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.141685963 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.141700029 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.142699957 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.142848969 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.142924070 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.143163919 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.143193960 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.143208981 CEST49749443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.143218040 CEST4434974913.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.144254923 CEST4434975113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.144563913 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.145056009 CEST49751443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.145071030 CEST4434975113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.145086050 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.145095110 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.145467997 CEST49751443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.145473003 CEST4434975113.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.145556927 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.145560980 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.146840096 CEST49754443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.146892071 CEST4434975413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.147093058 CEST49754443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.147195101 CEST49754443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.147208929 CEST4434975413.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.260160923 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.260272980 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.260338068 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.260550022 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.260550022 CEST49750443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.260571957 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.260584116 CEST4434975013.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.263542891 CEST49755443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.263573885 CEST4434975513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.263803959 CEST49755443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.263982058 CEST49755443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.263993979 CEST4434975513.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.286834002 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.286904097 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.286984921 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.287204981 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.287204981 CEST49752443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.287235022 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.287259102 CEST4434975213.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.290184975 CEST49756443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.290236950 CEST4434975613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.290554047 CEST49756443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.290554047 CEST49756443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.290597916 CEST4434975613.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.325943947 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.325984001 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.326307058 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.326401949 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.326401949 CEST49753443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.326412916 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.326416969 CEST4434975313.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.329670906 CEST49757443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.329699039 CEST4434975713.107.246.45192.168.2.5
              Oct 24, 2024 18:47:21.330060959 CEST49757443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.330060959 CEST49757443192.168.2.513.107.246.45
              Oct 24, 2024 18:47:21.330092907 CEST4434975713.107.246.45192.168.2.5

              UDP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 24, 2024 18:47:00.676029921 CEST53568851.1.1.1192.168.2.5
              Oct 24, 2024 18:47:02.270917892 CEST5565953192.168.2.51.1.1.1
              Oct 24, 2024 18:47:02.271723032 CEST5793653192.168.2.51.1.1.1
              Oct 24, 2024 18:47:02.327711105 CEST53562301.1.1.1192.168.2.5
              Oct 24, 2024 18:47:02.332257986 CEST53579361.1.1.1192.168.2.5
              Oct 24, 2024 18:47:02.333214998 CEST53556591.1.1.1192.168.2.5
              Oct 24, 2024 18:47:04.963176012 CEST5217553192.168.2.51.1.1.1
              Oct 24, 2024 18:47:04.963457108 CEST5895953192.168.2.51.1.1.1
              Oct 24, 2024 18:47:04.970848083 CEST53521751.1.1.1192.168.2.5
              Oct 24, 2024 18:47:04.971374035 CEST53589591.1.1.1192.168.2.5
              Oct 24, 2024 18:47:19.424287081 CEST53539791.1.1.1192.168.2.5

              DNS Queries

              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
              Oct 24, 2024 18:47:02.270917892 CEST192.168.2.51.1.1.10x3d3eStandard query (0)docusign.cureprojecti.euA (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:02.271723032 CEST192.168.2.51.1.1.10xf458Standard query (0)docusign.cureprojecti.eu65IN (0x0001)false
              Oct 24, 2024 18:47:04.963176012 CEST192.168.2.51.1.1.10x56acStandard query (0)www.google.comA (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:04.963457108 CEST192.168.2.51.1.1.10x58edStandard query (0)www.google.com65IN (0x0001)false

              DNS Answers

              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
              Oct 24, 2024 18:47:02.333214998 CEST1.1.1.1192.168.2.50x3d3eNo error (0)docusign.cureprojecti.eu104.234.37.42A (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:04.970848083 CEST1.1.1.1192.168.2.50x56acNo error (0)www.google.com142.250.184.196A (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:04.971374035 CEST1.1.1.1192.168.2.50x58edNo error (0)www.google.com65IN (0x0001)false
              Oct 24, 2024 18:47:14.729773045 CEST1.1.1.1192.168.2.50x2bbaNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
              Oct 24, 2024 18:47:14.729773045 CEST1.1.1.1192.168.2.50x2bbaNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:14.984849930 CEST1.1.1.1192.168.2.50x5deaNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:14.984849930 CEST1.1.1.1192.168.2.50x5deaNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
              Oct 24, 2024 18:47:15.614844084 CEST1.1.1.1192.168.2.50xcfbbNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
              Oct 24, 2024 18:47:15.614844084 CEST1.1.1.1192.168.2.50xcfbbNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

              HTTP Request Dependency Graph

              • docusign.cureprojecti.eu
              • fs.microsoft.com
              • otelrules.azureedge.net

              HTTPS Proxied Packets

              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              0192.168.2.549709104.234.37.424436056C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:03 UTC738OUTGET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1
              Host: docusign.cureprojecti.eu
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              1192.168.2.549710104.234.37.424436056C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:05 UTC764OUTGET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1
              Host: docusign.cureprojecti.eu
              Connection: keep-alive
              Cache-Control: max-age=0
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              2192.168.2.549715104.234.37.424436056C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:05 UTC764OUTGET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1
              Host: docusign.cureprojecti.eu
              Connection: keep-alive
              Cache-Control: max-age=0
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              3192.168.2.549716184.28.90.27443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:06 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-10-24 16:47:07 UTC467INHTTP/1.1 200 OK
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              Content-Type: application/octet-stream
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              Server: ECAcc (lpl/EF45)
              X-CID: 11
              X-Ms-ApiVersion: Distribute 1.2
              X-Ms-Region: prod-weu-z1
              Cache-Control: public, max-age=259116
              Date: Thu, 24 Oct 2024 16:47:06 GMT
              Connection: close
              X-CID: 2


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              4192.168.2.549717104.234.37.424436056C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:07 UTC764OUTGET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1
              Host: docusign.cureprojecti.eu
              Connection: keep-alive
              Cache-Control: max-age=0
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              5192.168.2.549718184.28.90.27443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:08 UTC239OUTGET /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
              Range: bytes=0-2147483646
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-10-24 16:47:08 UTC515INHTTP/1.1 200 OK
              ApiVersion: Distribute 1.1
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              Content-Type: application/octet-stream
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              Server: ECAcc (lpl/EF06)
              X-CID: 11
              X-Ms-ApiVersion: Distribute 1.2
              X-Ms-Region: prod-weu-z1
              Cache-Control: public, max-age=259114
              Date: Thu, 24 Oct 2024 16:47:08 GMT
              Content-Length: 55
              Connection: close
              X-CID: 2
              2024-10-24 16:47:08 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              6192.168.2.549719104.234.37.424436056C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:14 UTC764OUTGET /?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ== HTTP/1.1
              Host: docusign.cureprojecti.eu
              Connection: keep-alive
              Cache-Control: max-age=0
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9


              Session IDSource IPSource PortDestination IPDestination Port
              7192.168.2.54972213.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:15 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:15 UTC561INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:15 GMT
              Content-Type: text/plain
              Content-Length: 218853
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public
              Last-Modified: Wed, 23 Oct 2024 06:30:03 GMT
              ETag: "0x8DCF32C20D7262E"
              x-ms-request-id: 39f98116-901e-0015-0fb5-25b284000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164715Z-16849878b78hz7zj8u0h2zng14000000082g000000009udd
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:15 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
              Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
              2024-10-24 16:47:15 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
              Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
              2024-10-24 16:47:16 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
              Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
              2024-10-24 16:47:16 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
              Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
              2024-10-24 16:47:16 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
              Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
              2024-10-24 16:47:16 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
              Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
              2024-10-24 16:47:16 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
              Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
              2024-10-24 16:47:16 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
              Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
              2024-10-24 16:47:16 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
              Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
              2024-10-24 16:47:16 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
              Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


              Session IDSource IPSource PortDestination IPDestination Port
              8192.168.2.54972913.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:17 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:17 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:17 GMT
              Content-Type: text/xml
              Content-Length: 450
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
              ETag: "0x8DC582BD4C869AE"
              x-ms-request-id: 52fc638d-b01e-0070-36c5-201cc0000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164717Z-16849878b785f8wh85a0w3ennn00000007z0000000007xk7
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:17 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


              Session IDSource IPSource PortDestination IPDestination Port
              9192.168.2.54972813.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:17 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:17 UTC584INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:17 GMT
              Content-Type: text/xml
              Content-Length: 3788
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC2126A6"
              x-ms-request-id: 331d1c77-401e-0029-354e-229b43000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164717Z-16849878b78k8q5pxkgux3mbgg00000007y000000000b5w0
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:17 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


              Session IDSource IPSource PortDestination IPDestination Port
              10192.168.2.54973113.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:17 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:17 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:17 GMT
              Content-Type: text/xml
              Content-Length: 408
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB56D3AFB"
              x-ms-request-id: 712ec88a-d01e-0065-26f2-24b77a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164717Z-r197bdfb6b4cz6xrsdncwtgzd40000000q70000000001suz
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:17 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              11192.168.2.54973013.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:17 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:17 UTC584INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:17 GMT
              Content-Type: text/xml
              Content-Length: 2980
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: 1a9c8bfd-301e-0000-1fee-25eecc000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164717Z-16849878b78k8q5pxkgux3mbgg00000007ug00000000sum3
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:17 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


              Session IDSource IPSource PortDestination IPDestination Port
              12192.168.2.54973213.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:17 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:17 UTC584INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:17 GMT
              Content-Type: text/xml
              Content-Length: 2160
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA3B95D81"
              x-ms-request-id: fdb61705-b01e-0001-2f09-2246e2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164717Z-16849878b785dznd7xpawq9gcn00000000pg00000000d26b
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:17 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


              Session IDSource IPSource PortDestination IPDestination Port
              13192.168.2.54973813.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:18 UTC498INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 467
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
              ETag: "0x8DC582BA6C038BC"
              x-ms-request-id: b0d76b6d-d01e-002b-3e84-2525fb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-15b8d89586f4zwgbgswvrvz4vs00000000mg000000001gtc
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L2_T2
              X-Cache: TCP_REMOTE_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:18 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              14192.168.2.54973413.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:18 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 474
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
              ETag: "0x8DC582B9964B277"
              x-ms-request-id: 734838af-101e-0065-4be5-214088000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b784cpcc2dr9ch74ng000000082000000000ca28
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:18 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              15192.168.2.54973513.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:18 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
              ETag: "0x8DC582B9F6F3512"
              x-ms-request-id: e1deb6d3-201e-006e-700b-22bbe3000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b78p6ttkmyustyrk8s00000007rg00000000wbd7
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:18 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              16192.168.2.54973713.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:18 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 632
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB6E3779E"
              x-ms-request-id: 0a92035d-201e-00aa-57da-213928000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b787c9z7hb8u9yysp000000007y000000000w9v6
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:18 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


              Session IDSource IPSource PortDestination IPDestination Port
              17192.168.2.54973613.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:18 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
              ETag: "0x8DC582BB10C598B"
              x-ms-request-id: 4755be7f-e01e-0052-062b-26d9df000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b78gvgmlcfru6nuc5400000007u000000000u68h
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:18 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              18192.168.2.54974313.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
              ETag: "0x8DC582B9698189B"
              x-ms-request-id: becd8068-601e-003d-7515-266f25000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b78s2lqfdex4tmpp7800000008200000000052sa
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              19192.168.2.54973913.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
              ETag: "0x8DC582BBAD04B7B"
              x-ms-request-id: 1ae852e8-d01e-008e-29f5-24387a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-15b8d89586fdmfsg1u7xrpfws000000003g000000000hq9e
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              20192.168.2.54974013.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB344914B"
              x-ms-request-id: 53592b39-c01e-0082-1ef3-24af72000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-15b8d89586fdmfsg1u7xrpfws000000003e000000000sbeq
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              21192.168.2.54974113.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
              ETag: "0x8DC582BA310DA18"
              x-ms-request-id: 1b2fb3ba-201e-0033-65ce-20b167000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b78gvgmlcfru6nuc5400000007tg00000000wyf2
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              22192.168.2.54974213.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:18 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:18 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
              ETag: "0x8DC582B9018290B"
              x-ms-request-id: 6ca7d158-d01e-0014-15ac-21ed58000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164718Z-16849878b78wx8xv81xhtuunw800000000rg00000000gghm
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              23192.168.2.54974513.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:19 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:20 UTC471INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:20 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA41997E3"
              x-ms-request-id: 7ae4e8d9-101e-005a-2134-26882b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-r197bdfb6b4vlqfn9hfre6k1s80000000cug000000009q8n
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_MISS
              Accept-Ranges: bytes
              2024-10-24 16:47:20 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              24192.168.2.54974413.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:19 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 469
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
              ETag: "0x8DC582BBA701121"
              x-ms-request-id: 1a83195d-f01e-0071-40f5-24431c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-r197bdfb6b4lbgfqwkqbrm672s00000001mg00000000zswu
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              25192.168.2.54974813.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:19 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB7010D66"
              x-ms-request-id: e7bd3bd0-f01e-003c-42e3-258cf0000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-16849878b784cpcc2dr9ch74ng000000083g000000006uze
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              26192.168.2.54974613.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:19 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8CEAC16"
              x-ms-request-id: 4cd68789-d01e-0017-448e-21b035000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-16849878b78k8q5pxkgux3mbgg00000007xg00000000erd8
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              27192.168.2.54974713.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:19 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:19 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:19 GMT
              Content-Type: text/xml
              Content-Length: 464
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97FB6C3C"
              x-ms-request-id: fc173041-601e-0097-79ad-24f33a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164719Z-15b8d89586ff5l62aha9080wv000000000n0000000004tqv
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:19 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


              Session IDSource IPSource PortDestination IPDestination Port
              28192.168.2.54974913.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:20 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:21 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:20 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
              ETag: "0x8DC582B9748630E"
              x-ms-request-id: b26f0bb8-d01e-00ad-3518-26e942000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164720Z-16849878b785g992cz2s9gk35c00000007yg00000000k2mr
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:21 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              29192.168.2.54975013.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:20 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:21 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:21 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DACDF62"
              x-ms-request-id: 864201cb-901e-0015-2b18-26b284000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164721Z-16849878b78c2tmb7nhatnd68s000000080g00000000adts
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:21 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              30192.168.2.54975213.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:21 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:21 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:21 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C8E04C8"
              x-ms-request-id: 00f7314e-e01e-0052-48ac-21d9df000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164721Z-16849878b78mhkkf6kbvry07q000000007sg00000000taaf
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:21 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              31192.168.2.54975113.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:21 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:21 UTC471INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:21 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
              ETag: "0x8DC582B9E8EE0F3"
              x-ms-request-id: a2903e96-401e-00ac-3034-260a97000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164721Z-15b8d89586f4zwgbgswvrvz4vs00000000dg0000000026ke
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_MISS
              Accept-Ranges: bytes
              2024-10-24 16:47:21 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              32192.168.2.54975313.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:21 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:21 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:21 GMT
              Content-Type: text/xml
              Content-Length: 428
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC4F34CA"
              x-ms-request-id: b11d926e-c01e-00a2-50f4-242327000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164721Z-r197bdfb6b466qclztvgs64z1000000000ng00000000xuvs
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:21 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              33192.168.2.54975413.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:21 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:22 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:21 GMT
              Content-Type: text/xml
              Content-Length: 499
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
              ETag: "0x8DC582B98CEC9F6"
              x-ms-request-id: 6ff76e76-001e-002b-21c5-2099f2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164721Z-16849878b78rjhv97f3nhawr7s00000007ug00000000ssws
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:22 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              34192.168.2.54975513.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:22 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:22 UTC491INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:22 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B988EBD12"
              x-ms-request-id: ff743265-301e-000c-1ff2-24323f000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164722Z-r197bdfb6b4gx6v9pg74w9f47s000000010g00000000tn5f
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-24 16:47:22 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              35192.168.2.54975613.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:22 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:22 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:22 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB5815C4C"
              x-ms-request-id: ff77512b-301e-000c-17f4-24323f000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164722Z-15b8d89586f8l5961kfst8fpb000000009n0000000007612
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:22 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              36192.168.2.54975813.107.246.45443
              TimestampBytes transferredDirectionData
              2024-10-24 16:47:22 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-24 16:47:22 UTC470INHTTP/1.1 200 OK
              Date: Thu, 24 Oct 2024 16:47:22 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8972972"
              x-ms-request-id: 131e52ce-d01e-002b-553b-2225fb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241024T164722Z-16849878b78c2tmb7nhatnd68s00000007xg00000000p2u7
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-24 16:47:22 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Statistics

              CPU Usage

              Click to jump to process

              Memory Usage

              Click to jump to process

              Behavior

              Click to jump to process

              System Behavior

              General

              Target ID:0
              Start time:12:46:55
              Start date:24/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:2
              Start time:12:46:59
              Start date:24/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2016,i,15713423510889815300,16626858676519988976,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:3
              Start time:12:47:01
              Start date:24/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docusign.cureprojecti.eu/?organisation=airscope.com&dse=cmljaGFyZC5iZW50bGV5QGFpcnNjb3BlLmNvbQ=="
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:true

              Disassembly

              No disassembly