Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://gthr..uk/e8c3

Overview

General Information

Sample URL:https://gthr..uk/e8c3
Analysis ID:1544769
Infos:
Errors
  • URL not reachable

Detection

Score:20
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

AI detected suspicious URL
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2140 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6580 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=2064,i,8224370898668809470,13047197004121646944,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gthr..uk/e8c3" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49749 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49749 version: TLS 1.2
Source: classification engineClassification label: sus20.win@20/6@6/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=2064,i,8224370898668809470,13047197004121646944,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gthr..uk/e8c3"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=2064,i,8224370898668809470,13047197004121646944,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected

Persistence and Installation Behavior

barindex
AI detected suspicious URL
Source: EmailJoeBoxAI: AI detected Typosquatting in URL: URL: https://gthr..uk/e8c3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1544769 URL: https://gthr..uk/e8c3 Startdate: 29/10/2024 Architecture: WINDOWS Score: 20 22 AI detected suspicious URL 2->22 6 chrome.exe 8 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.5, 443, 49703, 49711 unknown unknown 6->14 16 239.255.255.250 unknown Reserved 6->16 11 chrome.exe 6->11         started        process5 dnsIp6 18 www.google.com 142.250.185.228, 443, 49711 GOOGLEUS United States 11->18 20 google.com 11->20

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    google.com
    		172.217.18.14
    		truefalse
      		unknown
      s-part-0017.t-0009.t-msedge.net
      		13.107.246.45
      		truefalse
        		unknown
        www.google.com
        		142.250.185.228
        		truefalse
          		unknown
          fp2e7a.wpc.phicdn.net
          		192.229.221.95
          		truefalse
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            142.250.185.228
            		www.google.comUnited States
            		15169GOOGLEUSfalse
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse

            Private

            IP
            192.168.2.5

            General Information

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1544769
            Start date and time:2024-10-29 18:18:39 +01:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 2m 1s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://gthr..uk/e8c3
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:6
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:SUS
            Classification:sus20.win@20/6@6/3
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • URL browsing timeout or error

            Errors

            • URL not reachable

            Warnings

            • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.184.227, 216.58.206.46, 173.194.76.84, 34.104.35.123, 184.28.90.27, 4.175.87.197, 199.232.210.172, 192.229.221.95, 20.3.187.198
            • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtSetInformationFile calls found.
            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
            • VT rate limit hit for: https://gthr..uk/e8c3

            Simulations

            Behavior and APIs

            No simulations

            LLM Input / Output

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASNs

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 16:19:37 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.973707522881521
            Encrypted:false
            SSDEEP:48:8TdjTLLMHridAKZdA19ehwiZUklqehsJy+3:8F7wBJy
            MD5:D4B7D78A33C4A974649957E7CF49CB7B
            SHA1:759A2E920E90D3A290857AA53A2130EB77D53F62
            SHA-256:A8E47D2D5CD71D10D480CEE701CD5E559A76BF40885310F820C2803CE3582A11
            SHA-512:B1CFAE3824EF52D889EC02A62AAFBF5148029B8DE2148D0834CCC808C6E1A5B34577F2861A9B951246B8C307EFB52948D8CDAA9E7F06C71B88A33CEE7C5F88CB
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.....".&*..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Ys............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 16:19:37 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.986816123990581
            Encrypted:false
            SSDEEP:48:8GdjTLLMHridAKZdA1weh/iZUkAQkqehxJy+2:8S7K9Q+Jy
            MD5:D0E865F25A9C96D9572DEE95ED0EB5D1
            SHA1:95C76BD7E0C3E4F6105A6F905519E260BBA8E58C
            SHA-256:DF206FAA3531F2AEB56D1FF82EB01D0610A928C30B40F320EC4E0E98EB440893
            SHA-512:88CCD82E71B134DBE873A85994C3FCFC0D708AA8124FFABCE7785031664EB35C029E3F2E30B79CBE997FF251EA66BB7077FCE661E862EA3AD286BD3D7DEAA3A6
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.....L..&*..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Ys............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2693
            Entropy (8bit):4.000797014253671
            Encrypted:false
            SSDEEP:48:8xkdjTLLsHridAKZdA14tseh7sFiZUkmgqeh7srJy+BX:8x87yndJy
            MD5:CB62D51F5440B58A1440E520705B31FB
            SHA1:C1B19025376F164E5DE135A5AED55350CE1841DB
            SHA-256:6DC30A79E75E66D56A460C4F9340FBE188718773ACF78AA55B6F416214B402FD
            SHA-512:81766DDC3FBF65F980F529ED0E6CADC06360F6DD63426930172AB93DD7907195BDFBC19DA15CAA1FC8538251C44CC3F4E531C8DC57502100E9EC4A4BF738C424
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 16:19:37 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.986579051343385
            Encrypted:false
            SSDEEP:48:8NdjTLLMHridAKZdA1vehDiZUkwqeh1Jy+R:8j7RjJy
            MD5:8C6E6A7078A48362F728C796D204431A
            SHA1:34FE700DD0A435D445A9415A5EE09EEEF70E4516
            SHA-256:3E28D1406EE2AD5ADA1F48FC1E3810FA24A8CF68C7004ED0D76E0DAF7B549DAC
            SHA-512:CC67747BF3FE2F34B5C04A2BC4DFB7489D0B01C580E873D1C8D90E4B2A4595DDC00C28AEC1EC2ED98BB75D58A70648779DE6C2435F0C1F8843AEA527392CAE0B
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....I%..&*..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Ys............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 16:19:37 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9766817068303073
            Encrypted:false
            SSDEEP:48:8IdjTLLMHridAKZdA1hehBiZUk1W1qehnJy+C:8o7x9HJy
            MD5:C0BFF9286DE85745E9B2BA0F9B19B765
            SHA1:0312065AA0D1E846FC872AD9D253EE111CFF211F
            SHA-256:39C1595E6AD1AFF2606F1F50BFFD0701DB7780E1BAEE572DDC91F026412C061A
            SHA-512:DCDB01C2397D6871C1739D6E113760DFE0B759A7F326EEF57F1FEA2F663699F86883D5203BFD4C77C340FEC99A5D443B84469246A5C7A39D78EC93F81E936486
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.....s..&*..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Ys............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 16:19:37 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2683
            Entropy (8bit):3.9836460629341777
            Encrypted:false
            SSDEEP:48:82djTLLMHridAKZdA1duT+ehOuTbbiZUk5OjqehOuTbdJy+yT+:8i7tT/TbxWOvTbdJy7T
            MD5:A5CD56312F962BBD0882CD87613CC3F8
            SHA1:3AF565A0AF8EF2606FA1B5C8A0FDA51A9DAE38AD
            SHA-256:CCBF05DCE8C9DB6E4FF93699119C36CAEBBFCF7D92E23D3672F674B1157992B7
            SHA-512:122347DA58139B1347C4BE77FCF833775F4931B5A020546C10A91F869EAC7E2A4C4F6BFEB8DA1E45EA699146C977B85477CCA88C17E03B2220598258199079F2
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,........&*..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I]Yp.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V]Yp.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V]Yp.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V]Yp............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V]Ys............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........f..F.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 29, 2024 18:19:29.584418058 CET49675443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:29.584547997 CET49674443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:29.756387949 CET49673443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:39.199719906 CET49674443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:39.324975967 CET49675443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:39.512008905 CET49673443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:41.188529968 CET4434970323.1.237.91192.168.2.5
            Oct 29, 2024 18:19:41.188638926 CET49703443192.168.2.523.1.237.91
            Oct 29, 2024 18:19:41.195542097 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:41.195588112 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:41.195724010 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:41.196110010 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:41.196125984 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.086472034 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.086754084 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:42.086774111 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.087754011 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.087814093 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:42.471106052 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:42.471302986 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.528404951 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:42.528419018 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:42.715903044 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:50.859173059 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:50.859209061 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:50.859282970 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:50.860161066 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:50.860181093 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.706059933 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.706144094 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:51.708146095 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:51.708159924 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.708547115 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.717952013 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:51.759362936 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.966849089 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.966918945 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.966963053 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.966990948 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:51.967010975 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:51.967046022 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:51.967057943 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.080178022 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:52.080261946 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:52.080336094 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:52.083936930 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.083985090 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.084016085 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.084026098 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.084062099 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.084072113 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.200586081 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.200634003 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.200664997 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.200679064 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.200721025 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.200732946 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.316675901 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.316726923 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.316752911 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.316766024 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.316790104 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.316806078 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.432898045 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.432945967 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.432980061 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.432988882 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.433048010 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.548479080 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.548527956 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.548554897 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.548567057 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.548583031 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.548666000 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.665144920 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.665206909 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.665220022 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.665232897 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.665263891 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.665277958 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.781496048 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.781548023 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.781585932 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.781598091 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.781631947 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.781641006 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.864959955 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.865025043 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.865051031 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.865060091 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.865093946 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.865130901 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.980715036 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.980771065 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.980808973 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:52.980819941 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:52.980870962 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.097495079 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.097556114 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.097594023 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.097620964 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.097640991 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.097656012 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.130608082 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.130657911 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.130697012 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.130708933 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.130744934 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.130765915 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.216109037 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.216173887 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.216216087 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.216227055 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.216269970 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.216284037 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.247576952 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.247654915 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.247663975 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.247714996 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.247757912 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.247831106 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.274096012 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.274110079 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.274122953 CET49716443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.274130106 CET4434971613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.393313885 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.393347979 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.393558979 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.395714045 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.395759106 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.395818949 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.395989895 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.396011114 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.398273945 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.398299932 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.398521900 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.398715973 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.398730993 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.398813963 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.398829937 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.400698900 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.400738001 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.400859118 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.401015997 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.401027918 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.402326107 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.402333975 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.402389050 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.402825117 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:53.402838945 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:53.405860901 CET49711443192.168.2.5142.250.185.228
            Oct 29, 2024 18:19:53.405874014 CET44349711142.250.185.228192.168.2.5
            Oct 29, 2024 18:19:54.126641989 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.127650976 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.127665997 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.128449917 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.128984928 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.129013062 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.130245924 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.130254984 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.130258083 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.130263090 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.134306908 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.134722948 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.134757042 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.135061026 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.135068893 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.149146080 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.149621010 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.149633884 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.149971962 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.149976969 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.154918909 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.155424118 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.155436993 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.156053066 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.156059027 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.260720015 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261049032 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261290073 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.261388063 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.261403084 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261434078 CET49722443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.261440039 CET4434972213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261567116 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261729956 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.261790037 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.262022972 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.262041092 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262054920 CET49725443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.262061119 CET4434972513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262420893 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262470961 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262542963 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.262562037 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262583971 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.262609005 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.262660027 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.263470888 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.263489962 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.263503075 CET49724443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.263509989 CET4434972413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.267383099 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.267412901 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.267508984 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.268796921 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.268829107 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.268999100 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269010067 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.269022942 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269059896 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269282103 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269298077 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.269313097 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269324064 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.269398928 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.269407988 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.281769991 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.281821012 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.281936884 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.281949043 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.281966925 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.282001019 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.282066107 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.282280922 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.282293081 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.282305956 CET49723443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.282310963 CET4434972313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.287512064 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.287523031 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.287709951 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.288170099 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.288178921 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.288518906 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.288570881 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.288636923 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.288647890 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.288686991 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.288805008 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.289940119 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.289952040 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.289963007 CET49726443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.289968014 CET4434972613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.298559904 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.298576117 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:54.298760891 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.299129963 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:54.299143076 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.006309986 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.007724047 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.007754087 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.010458946 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.010466099 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.019224882 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.020270109 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.020282030 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.020833015 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.020838022 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.027821064 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.028537989 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.028547049 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.029258966 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.029263020 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.037625074 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.038196087 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.038209915 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.039081097 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.039087057 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.136334896 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.136464119 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.136544943 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.136823893 CET49729443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.136842012 CET4434972913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.141412020 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.141438961 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.141509056 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.141664982 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.141675949 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.151628971 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.151778936 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.151844025 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.152034998 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.152050018 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.152059078 CET49728443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.152062893 CET4434972813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.157089949 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.157125950 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.157341003 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.157907963 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.157922983 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.164513111 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.164663076 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.164721012 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.164856911 CET49730443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.164860964 CET4434973013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.167902946 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.168373108 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.168425083 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.168509960 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.168519974 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.168529987 CET49731443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.168536901 CET4434973113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.169240952 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.169253111 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.169476986 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.170989990 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.170999050 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.174302101 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.174313068 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.174500942 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.174701929 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.174715042 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.209075928 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.210275888 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.210283995 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.211184978 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.211189032 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.348436117 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.348546028 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.348618984 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.348809004 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.348829031 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.348838091 CET49727443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.348849058 CET4434972713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.352221012 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.352327108 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.352427959 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.352591991 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.352627039 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.885327101 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.886008978 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.886038065 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.886447906 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.886455059 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.907887936 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.908488035 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.908518076 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.909490108 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.909497023 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.920252085 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.921303034 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.921328068 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.922183990 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:55.922190905 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:55.956197023 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.006032944 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.017136097 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.017359972 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.017421961 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.039870977 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.040157080 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.040215969 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.042532921 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.042540073 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.043592930 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.043598890 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.081268072 CET49732443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.081295967 CET4434973213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.088574886 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.088737965 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.088797092 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.093880892 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.110174894 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.110213041 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.111088991 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.111100912 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.112216949 CET49734443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.112236023 CET4434973413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.113804102 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.113822937 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.113832951 CET49733443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.113846064 CET4434973313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.127466917 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.127506971 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.127583027 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.128876925 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.128977060 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.129065990 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.129755020 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.129771948 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.130345106 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.130383015 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.132339954 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.132349968 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.132529974 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.132869005 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.132882118 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.176152945 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.176229000 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.176292896 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.176795959 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.176805019 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.176814079 CET49735443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.176816940 CET4434973513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.186160088 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.186197042 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.186319113 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.186849117 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.186863899 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.261954069 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.262027025 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.262141943 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.262686968 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.262737036 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.262768984 CET49736443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.262784004 CET4434973613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.268064022 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.268137932 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:56.268244028 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.268593073 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:56.268625975 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.088036060 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.088690042 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.088754892 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.089443922 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.089458942 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.090425014 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.090764999 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.090799093 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.091373920 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.091379881 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.091758013 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.091777086 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.091861963 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.092044115 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.092051029 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.092194080 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.092226982 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.092437029 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.092441082 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.092560053 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.092566013 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.092690945 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.092715025 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.093039036 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.093044043 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.217883110 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.218476057 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.218591928 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.218656063 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.218656063 CET49741443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.218698025 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.218728065 CET4434974113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.221781015 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.221916914 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.222104073 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.222135067 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.222141027 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.222203970 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.222309113 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.222346067 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.222392082 CET49738443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.222409010 CET4434973813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.222655058 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.222908020 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.223072052 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.223608017 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.223622084 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.223632097 CET49739443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.223637104 CET4434973913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.224340916 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.224354982 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.224919081 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.225061893 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.225577116 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.225790024 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.225812912 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.225871086 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.226120949 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.226142883 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.226208925 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.226216078 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.226224899 CET49737443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.226227999 CET4434973713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.227945089 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.227961063 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.228037119 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.228152990 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.228167057 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.229286909 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.229341030 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.229528904 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.229746103 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.229764938 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.238729000 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.239029884 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.239092112 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.239166021 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.239166021 CET49740443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.239177942 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.239188910 CET4434974013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.247893095 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.247910023 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.248058081 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.248150110 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.248157978 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.959440947 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.960030079 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.960057020 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.960786104 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.960792065 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.964323044 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.964771032 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.964812994 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.965249062 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.965255976 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.981545925 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.981982946 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.982019901 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.982399940 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.982414961 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.988498926 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.988842964 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.988862038 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:57.989382029 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:57.989387035 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.088191986 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.088772058 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.088845968 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.088886976 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.088908911 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.088922024 CET49744443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.088927031 CET4434974413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.092070103 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.092140913 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.092214108 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.092324972 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.092341900 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.095031977 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.095241070 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.095438004 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.095474958 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.095494032 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.095506907 CET49742443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.095515966 CET4434974213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.097713947 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.097805977 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.097904921 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.098007917 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.098047972 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.109915972 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.110203981 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.110354900 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.110356092 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.110404968 CET49745443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.110426903 CET4434974513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.112407923 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.112438917 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.112538099 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.112690926 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.112706900 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.118191957 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.118352890 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.118441105 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.118441105 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.118499041 CET49746443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.118508101 CET4434974613.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.120625973 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.120663881 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.120863914 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.120863914 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.120927095 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.826734066 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.827642918 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.827683926 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.828491926 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.828520060 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.837188005 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.837362051 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.837848902 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.837914944 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.838426113 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.838432074 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.838447094 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.838452101 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.838928938 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.838934898 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.877228022 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.877922058 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.877960920 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.878528118 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.878556967 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.959652901 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.959834099 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.959933996 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.960151911 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.960151911 CET49747443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.960165024 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.960174084 CET4434974713.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.964040995 CET49751443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.964071035 CET4434975113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.964158058 CET49751443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.964454889 CET49751443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.964468002 CET4434975113.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.966248989 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.966377020 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.966515064 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.966576099 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.966586113 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.966609955 CET49749443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.966614008 CET4434974913.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.969029903 CET49752443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.969078064 CET4434975213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.969278097 CET49752443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.969278097 CET49752443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.969319105 CET4434975213.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.970293999 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.970344067 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.970551968 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.970551968 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.970890045 CET49748443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.970921993 CET4434974813.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.972806931 CET49753443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.972841024 CET4434975313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:58.972939968 CET49753443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.973129988 CET49753443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:58.973149061 CET4434975313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.003010035 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.003854990 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.003874063 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.004260063 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.004271984 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.010890961 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.011348963 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.011486053 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.011486053 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.011631966 CET49750443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.011646986 CET4434975013.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.013958931 CET49754443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.013978004 CET4434975413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.014251947 CET49754443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.014444113 CET49754443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.014461040 CET4434975413.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.138542891 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.138758898 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.138905048 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.139067888 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.139067888 CET49743443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.139113903 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.139141083 CET4434974313.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.143071890 CET49755443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.143105984 CET4434975513.107.246.45192.168.2.5
            Oct 29, 2024 18:19:59.143187046 CET49755443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.143395901 CET49755443192.168.2.513.107.246.45
            Oct 29, 2024 18:19:59.143410921 CET4434975513.107.246.45192.168.2.5

            UDP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 29, 2024 18:19:36.686628103 CET53647761.1.1.1192.168.2.5
            Oct 29, 2024 18:19:36.712641001 CET53625741.1.1.1192.168.2.5
            Oct 29, 2024 18:19:38.124845982 CET53628461.1.1.1192.168.2.5
            Oct 29, 2024 18:19:38.355554104 CET4990453192.168.2.58.8.8.8
            Oct 29, 2024 18:19:38.355787039 CET5099953192.168.2.51.1.1.1
            Oct 29, 2024 18:19:38.447361946 CET53509991.1.1.1192.168.2.5
            Oct 29, 2024 18:19:38.447417974 CET53499048.8.8.8192.168.2.5
            Oct 29, 2024 18:19:41.106220007 CET5435753192.168.2.51.1.1.1
            Oct 29, 2024 18:19:41.106589079 CET5183053192.168.2.51.1.1.1
            Oct 29, 2024 18:19:41.193979025 CET53518301.1.1.1192.168.2.5
            Oct 29, 2024 18:19:41.194221020 CET53543571.1.1.1192.168.2.5
            Oct 29, 2024 18:19:50.886646032 CET5000053192.168.2.51.1.1.1
            Oct 29, 2024 18:19:50.886931896 CET5673653192.168.2.58.8.8.8
            Oct 29, 2024 18:19:50.895107985 CET53500001.1.1.1192.168.2.5
            Oct 29, 2024 18:19:50.895123005 CET53567368.8.8.8192.168.2.5
            Oct 29, 2024 18:19:55.211148977 CET53567381.1.1.1192.168.2.5

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
            Oct 29, 2024 18:19:38.355554104 CET192.168.2.58.8.8.80x7a44Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:38.355787039 CET192.168.2.51.1.1.10xc341Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:41.106220007 CET192.168.2.51.1.1.10x2e5eStandard query (0)www.google.comA (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:41.106589079 CET192.168.2.51.1.1.10x861bStandard query (0)www.google.com65IN (0x0001)false
            Oct 29, 2024 18:19:50.886646032 CET192.168.2.51.1.1.10x4f09Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.886931896 CET192.168.2.58.8.8.80x6edfStandard query (0)google.comA (IP address)IN (0x0001)false

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
            Oct 29, 2024 18:19:38.447361946 CET1.1.1.1192.168.2.50xc341No error (0)google.com172.217.18.14A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:38.447417974 CET8.8.8.8192.168.2.50x7a44No error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:41.193979025 CET1.1.1.1192.168.2.50x861bNo error (0)www.google.com65IN (0x0001)false
            Oct 29, 2024 18:19:41.194221020 CET1.1.1.1192.168.2.50x2e5eNo error (0)www.google.com142.250.185.228A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.430162907 CET1.1.1.1192.168.2.50x28b5No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.430162907 CET1.1.1.1192.168.2.50x28b5No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.857075930 CET1.1.1.1192.168.2.50x6699No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
            Oct 29, 2024 18:19:50.857075930 CET1.1.1.1192.168.2.50x6699No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.895107985 CET1.1.1.1192.168.2.50x4f09No error (0)google.com142.250.181.238A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:50.895123005 CET8.8.8.8192.168.2.50x6edfNo error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
            Oct 29, 2024 18:19:51.069499969 CET1.1.1.1192.168.2.50x2378No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
            Oct 29, 2024 18:19:51.069499969 CET1.1.1.1192.168.2.50x2378No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

            HTTP Request Dependency Graph

            • otelrules.azureedge.net

            HTTPS Proxied Packets

            Session IDSource IPSource PortDestination IPDestination Port
            0192.168.2.54971613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:51 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:51 UTC540INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:51 GMT
            Content-Type: text/plain
            Content-Length: 218853
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public
            Last-Modified: Mon, 28 Oct 2024 13:23:36 GMT
            ETag: "0x8DCF753BAA1B278"
            x-ms-request-id: 174434da-801e-0015-686a-29f97f000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171951Z-16849878b78wv88bk51myq5vxc000000070g00000000ty0f
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:51 UTC15844INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
            Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
            2024-10-29 17:19:52 UTC16384INData Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e
            Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
            2024-10-29 17:19:52 UTC16384INData Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31
            Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
            2024-10-29 17:19:52 UTC16384INData Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
            Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
            2024-10-29 17:19:52 UTC16384INData Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f
            Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
            2024-10-29 17:19:52 UTC16384INData Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a
            Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
            2024-10-29 17:19:52 UTC16384INData Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63
            Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
            2024-10-29 17:19:52 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e
            Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
            2024-10-29 17:19:52 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20
            Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
            2024-10-29 17:19:52 UTC16384INData Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c
            Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <


            Session IDSource IPSource PortDestination IPDestination Port
            1192.168.2.54972213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:54 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:54 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:54 GMT
            Content-Type: text/xml
            Content-Length: 450
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
            ETag: "0x8DC582BD4C869AE"
            x-ms-request-id: 9a0790d9-e01e-0052-7cad-26d9df000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171954Z-16849878b78xblwksrnkakc08w000000061g00000000m2s9
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:19:54 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


            Session IDSource IPSource PortDestination IPDestination Port
            2192.168.2.54972513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:54 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:54 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:54 GMT
            Content-Type: text/xml
            Content-Length: 408
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB56D3AFB"
            x-ms-request-id: c3a6d21e-601e-00ab-1dc6-2766f4000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171954Z-r197bdfb6b4zd9tpkpdngrtchw000000068000000000497u
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:54 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            3192.168.2.54972413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:54 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:54 UTC563INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:54 GMT
            Content-Type: text/xml
            Content-Length: 2980
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: 23ba7a24-801e-0015-5af3-24f97f000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171954Z-17c5cb586f6w4mfs5xcmnrny6n00000008kg00000000a52h
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:54 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


            Session IDSource IPSource PortDestination IPDestination Port
            4192.168.2.54972313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:54 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:54 UTC584INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:54 GMT
            Content-Type: text/xml
            Content-Length: 3788
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC2126A6"
            x-ms-request-id: 041e76a7-601e-005c-45ae-26f06f000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171954Z-16849878b78wc6ln1zsrz6q9w800000006gg00000000dhkb
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:54 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


            Session IDSource IPSource PortDestination IPDestination Port
            5192.168.2.54972613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:54 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:54 UTC563INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:54 GMT
            Content-Type: text/xml
            Content-Length: 2160
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA3B95D81"
            x-ms-request-id: cddcf92d-501e-008f-6a41-269054000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171954Z-r197bdfb6b48v72xb403uy6hns00000007dg00000000cfrd
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:54 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


            Session IDSource IPSource PortDestination IPDestination Port
            6192.168.2.54972913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:55 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
            ETag: "0x8DC582B9F6F3512"
            x-ms-request-id: 633f9008-101e-00a2-3e9b-279f2e000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b78j5kdg3dndgqw0vg00000008e000000000w7xz
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:55 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            7192.168.2.54972813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:55 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 474
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
            ETag: "0x8DC582B9964B277"
            x-ms-request-id: 7b93b929-d01e-0082-6676-27e489000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b78km6fmmkbenhx76n000000066000000000d2pt
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:55 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            8192.168.2.54973013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:55 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 632
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB6E3779E"
            x-ms-request-id: 1f7bc680-101e-0065-6904-274088000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b785dznd7xpawq9gcn000000088000000000aqzg
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:55 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


            Session IDSource IPSource PortDestination IPDestination Port
            9192.168.2.54973113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:55 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 467
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
            ETag: "0x8DC582BA6C038BC"
            x-ms-request-id: e84b733d-701e-005c-1bb8-26bb94000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b78smng4k6nq15r6s4000000089g00000000n1sa
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:19:55 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            10192.168.2.54972713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:55 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
            ETag: "0x8DC582BB10C598B"
            x-ms-request-id: c60d5dca-401e-005b-2742-279c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-17c5cb586f65j4snvy39m6qus4000000021g00000000kzcp
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:55 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            11192.168.2.54973213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:56 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
            ETag: "0x8DC582BBAD04B7B"
            x-ms-request-id: 3c9c0adf-d01e-0028-0c96-257896000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b78nx5sne3fztmu6xc00000007s000000000ns63
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:56 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            12192.168.2.54973313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:56 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB344914B"
            x-ms-request-id: 0fe0dd21-c01e-0066-771c-26a1ec000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b78smng4k6nq15r6s400000008eg000000000be3
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:19:56 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            13192.168.2.54973413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:55 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:56 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:55 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
            ETag: "0x8DC582BA310DA18"
            x-ms-request-id: 6b0d144c-801e-007b-3a49-27e7ab000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171955Z-16849878b7898p5f6vryaqvp5800000007kg00000000sxen
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:56 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            14192.168.2.54973513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:56 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:56 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:56 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
            ETag: "0x8DC582B9018290B"
            x-ms-request-id: c8022c20-501e-00a3-08ae-26c0f2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171956Z-16849878b78bcpfn2qf7sm6hsn00000008h0000000002pce
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:56 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            15192.168.2.54973613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:56 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:56 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:56 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
            ETag: "0x8DC582B9698189B"
            x-ms-request-id: 226d2935-b01e-001e-729c-270214000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171956Z-r197bdfb6b46kdskt78qagqq1c0000000740000000004m24
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:56 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            16192.168.2.54974113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:57 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB7010D66"
            x-ms-request-id: 78a5d0bc-501e-005b-6da6-26d7f7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-16849878b78j7llf5vkyvvcehs00000007zg000000005sut
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:57 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            17192.168.2.54973713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:57 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 469
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
            ETag: "0x8DC582BBA701121"
            x-ms-request-id: 2fd6bd5d-d01e-007a-394f-26f38c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-16849878b787bfsh7zgp804my400000005h000000000tq9c
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:57 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            18192.168.2.54973913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:57 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA41997E3"
            x-ms-request-id: d7829477-101e-008d-1890-2792e5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-17c5cb586f6f8m6jnehy0z65x4000000066g000000003pxn
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:57 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            19192.168.2.54974013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:57 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 464
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97FB6C3C"
            x-ms-request-id: 860a7776-a01e-00ab-0afb-289106000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-r197bdfb6b4g24ztpxkw4umce800000008bg00000000b2s1
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:57 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


            Session IDSource IPSource PortDestination IPDestination Port
            20192.168.2.54973813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:57 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8CEAC16"
            x-ms-request-id: 9a09e836-e01e-0052-3cae-26d9df000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-16849878b78fssff8btnns3b14000000073g00000000ebmk
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:57 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            21192.168.2.54974413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
            ETag: "0x8DC582B9E8EE0F3"
            x-ms-request-id: 1abafd92-601e-0070-072b-27a0c9000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-16849878b78p8hrf1se7fucxk800000007mg00000000tk1r
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            22192.168.2.54974213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:57 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
            ETag: "0x8DC582B9748630E"
            x-ms-request-id: 47f8d5d2-401e-005b-1e67-279c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171957Z-16849878b78fssff8btnns3b14000000071g00000000qyx5
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            23192.168.2.54974513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C8E04C8"
            x-ms-request-id: ebbbec6e-b01e-0021-1c83-29cab7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-r197bdfb6b4zd9tpkpdngrtchw000000068g000000002xdu
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            24192.168.2.54974613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:57 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 428
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC4F34CA"
            x-ms-request-id: 6b700fd2-301e-005d-5b5a-26e448000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-r197bdfb6b48pl4k4a912hk2g4000000064g000000004uae
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            25192.168.2.54974713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:58 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 499
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
            ETag: "0x8DC582B98CEC9F6"
            x-ms-request-id: 54a08b66-801e-008f-529b-272c5d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-16849878b78bcpfn2qf7sm6hsn00000008ag00000000wm8h
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            26192.168.2.54974913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:58 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB5815C4C"
            x-ms-request-id: deaa19c2-701e-006f-33de-26afc4000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-17c5cb586f6w4mfs5xcmnrny6n00000008q000000000402g
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            27192.168.2.54974813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:58 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:58 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B988EBD12"
            x-ms-request-id: 50755ed9-801e-00ac-015e-27fd65000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-r197bdfb6b4mcssrk8cfa4gm1g00000000p000000000094e
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:58 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            28192.168.2.54975013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:58 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:58 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB32BB5CB"
            x-ms-request-id: 2760be74-301e-0096-200b-26e71d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171958Z-16849878b785dznd7xpawq9gcn000000084g00000000s3qc
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            29192.168.2.54974313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DACDF62"
            x-ms-request-id: 8d7929b6-101e-0017-6edc-2647c7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-17c5cb586f6gkqkwd0x1ge8t0400000007d0000000003fre
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            30192.168.2.54975113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8972972"
            x-ms-request-id: fa11464d-701e-0032-1f49-27a540000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-16849878b78fssff8btnns3b14000000075g000000006dkf
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            31192.168.2.54975313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
            ETag: "0x8DC582B9D43097E"
            x-ms-request-id: d63b5638-a01e-0021-2ab4-27814c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-15b8d89586fbmg6qpd9yf8zhm000000001wg0000000004qt
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            32192.168.2.54975213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 420
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DAE3EC0"
            x-ms-request-id: ce95f5ab-001e-0034-242a-27dd04000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-17c5cb586f6b6kj91vqtm6kxaw00000005d000000000hp0e
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


            Session IDSource IPSource PortDestination IPDestination Port
            33192.168.2.54975413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:19:59 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
            ETag: "0x8DC582BA909FA21"
            x-ms-request-id: aa4b9449-201e-0071-52d2-29ff15000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-r197bdfb6b4zd9tpkpdngrtchw00000006800000000049cz
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:19:59 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            34192.168.2.54975513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:19:59 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:00 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:19:59 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
            ETag: "0x8DC582B92FCB436"
            x-ms-request-id: 01fc617d-601e-000d-05a4-262618000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T171959Z-16849878b78wv88bk51myq5vxc000000074g00000000ar2w
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:20:00 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            35192.168.2.54975613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:20:00 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:00 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:20:00 GMT
            Content-Type: text/xml
            Content-Length: 423
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
            ETag: "0x8DC582BB7564CE8"
            x-ms-request-id: 5e4053db-f01e-0052-6472-279224000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T172000Z-15b8d89586fwzdd8urmg0p1ebs0000000hc000000000a2h8
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:20:00 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


            Session IDSource IPSource PortDestination IPDestination Port
            36192.168.2.54975813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:20:00 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:00 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:20:00 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
            ETag: "0x8DC582B95C61A3C"
            x-ms-request-id: a783173c-501e-008c-2349-27cd39000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T172000Z-15b8d89586fnsf5zkvx8tfb0zc00000001x000000000f7cs
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:20:00 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            37192.168.2.54975913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:20:00 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:00 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:20:00 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
            ETag: "0x8DC582BB046B576"
            x-ms-request-id: 0ce3105a-501e-0029-7cd2-26d0b8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T172000Z-16849878b78fkwcjkpn19c5dsn00000005rg00000000vpg0
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-29 17:20:00 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            38192.168.2.54976013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:20:00 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:00 UTC470INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:20:00 GMT
            Content-Type: text/xml
            Content-Length: 400
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2D62837"
            x-ms-request-id: f5aa9a52-501e-0064-116a-271f54000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T172000Z-r197bdfb6b46kmj4701qkq602400000005x000000000bh2g
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:20:00 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


            Session IDSource IPSource PortDestination IPDestination Port
            39192.168.2.54975713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-29 17:20:00 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-29 17:20:01 UTC491INHTTP/1.1 200 OK
            Date: Tue, 29 Oct 2024 17:20:01 GMT
            Content-Type: text/xml
            Content-Length: 478
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
            ETag: "0x8DC582B9B233827"
            x-ms-request-id: 6856914c-401e-0029-0667-279b43000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241029T172001Z-15b8d89586fst84kttks1s2css00000000f0000000002ds6
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-29 17:20:01 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Statistics

            CPU Usage

            Click to jump to process

            Memory Usage

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            General

            Target ID:0
            Start time:13:19:31
            Start date:29/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:2
            Start time:13:19:34
            Start date:29/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=2064,i,8224370898668809470,13047197004121646944,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:3
            Start time:13:19:36
            Start date:29/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gthr..uk/e8c3"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true

            Disassembly

            No disassembly