Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n

Overview

General Information

Sample URL:https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.
Analysis ID:1562194
Infos:

Detection

Anonymous Proxy
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected Anonymous Proxy detection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1852,i,7724950182119876291,828045722762287732,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6308 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_41JoeSecurity_AnonymousProxyYara detected Anonymous Proxy detectionJoe Security

    HTML

    SourceRuleDescriptionAuthorStrings
    0.0.pages.csvJoeSecurity_AnonymousProxyYara detected Anonymous Proxy detectionJoe Security

      Sigma Signatures

      No Sigma rule has matched

      Suricata Signatures

      No Suricata rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Antivirus / Scanner detection for submitted sample
      Source: https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=nAvira URL Cloud: detection malicious, Label: malware

      Phishing

      barindex
      Yara detected Anonymous Proxy detection
      Source: Yara matchFile source: 0.0.pages.csv, type: HTML
      Source: Yara matchFile source: dropped/chromecache_41, type: DROPPED
      Source: https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=nHTTP Parser: No favicon
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49742 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49743 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49744 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49750 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49751 version: TLS 1.2
      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 4.175.87.197
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: global trafficHTTP traffic detected: GET /xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n HTTP/1.1Host: guardiannostrils.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: guardiannostrils.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=nAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: u_pl19031770=1
      Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: guardiannostrils.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: u_pl19031770=1
      Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
      Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5B6l6MedlYKZKcF&MD=dW+MkguU HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5B6l6MedlYKZKcF&MD=dW+MkguU HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficDNS traffic detected: DNS query: guardiannostrils.com
      Source: global trafficDNS traffic detected: DNS query: www.google.com
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
      Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
      Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
      Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
      Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
      Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
      Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49742 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49743 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49744 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49750 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.4:49751 version: TLS 1.2
      Source: classification engineClassification label: mal56.phis.win@16/2@6/5
      Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1852,i,7724950182119876291,828045722762287732,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n"
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1852,i,7724950182119876291,828045722762287732,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
      Source: Window RecorderWindow detected: More than 3 window changes detected

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
      Process Injection      		1
      Process Injection      		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
      Encrypted Channel      		Exfiltration Over Other Network MediumAbuse Accessibility Features
      CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
      Non-Application Layer Protocol      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
      Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
      Ingress Tool Transfer      		Traffic DuplicationData Destruction

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n100%Avira URL Cloudmalware

      Dropped Files

      No Antivirus matches

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      No Antivirus matches

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      guardiannostrils.com
      		192.243.59.13
      		truefalse
        		high
        www.google.com
        		142.250.181.100
        		truefalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=nfalse
            		high
            https://guardiannostrils.com/favicon.icofalse
              		high

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              239.255.255.250
              		unknownReserved
              		unknownunknownfalse
              192.243.59.13
              		guardiannostrils.comDominica
              		39572ADVANCEDHOSTERS-ASNLfalse
              142.250.181.100
              		www.google.comUnited States
              		15169GOOGLEUSfalse

              Private

              IP
              192.168.2.16
              192.168.2.4

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1562194
              Start date and time:2024-11-25 10:31:35 +01:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 2m 55s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:browseurl.jbs
              Sample URL:https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:7
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Detection:MAL
              Classification:mal56.phis.win@16/2@6/5

              Warnings

              • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
              • Excluded IPs from analysis (whitelisted): 172.217.21.35, 74.125.205.84, 172.217.17.46, 34.104.35.123, 199.232.210.172, 192.229.221.95, 172.217.17.35
              • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
              • Not all processes where analyzed, report is missing behavior information
              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
              • VT rate limit hit for: https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n

              Simulations

              Behavior and APIs

              No simulations

              Joe Sandbox View / Context

              IPs

              No context

              Domains

              No context

              ASNs

              No context

              JA3 Fingerprints

              No context

              Dropped Files

              No context

              Created / dropped Files

              Chrome Cache Entry: 41

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:HTML document, ASCII text, with no line terminators
              Category:downloaded
              Size (bytes):118
              Entropy (8bit):4.7818237798351575
              Encrypted:false
              SSDEEP:3:PouVWJhquHbs0sJYkAK3BbZ6iFRDTiHj:h4hqIY0gYk/B96oTiD
              MD5:B0F623103CD51D764412D46F8A7E0816
              SHA1:3C88223ADEF88D7CB3EF5536B4B398EF54F31781
              SHA-256:FE40B26BCB3F34BA8F180D33623BB3B109597BA9B3F5596BA1BC6B665B8DCB67
              SHA-512:1C052EE3706787FC215FF4808784BDE23EBA8DD4028FE6CF3BA7C0D30D2869A2A0BD5231523BB4F3435B3653A481858E861CF855E908D468E4A1C10FCA95D2EB
              Malicious:false
              Reputation:low
              URL:https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n
              Preview:<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"></head><body><p>Anonymous Proxy detected.</p></body></html>

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets

              TimestampSource PortDest PortSource IPDest IP
              Nov 25, 2024 10:32:21.063345909 CET49675443192.168.2.4173.222.162.32
              Nov 25, 2024 10:32:30.672629118 CET49675443192.168.2.4173.222.162.32
              Nov 25, 2024 10:32:32.636734962 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.636837959 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:32.636919975 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.772257090 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.772298098 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:32.772365093 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.772773027 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.772854090 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:32.772927999 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.776797056 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.776828051 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:32.780581951 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.780599117 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:32.788986921 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:32.789001942 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.362066984 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:34.362112999 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:34.362207890 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:34.362452030 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:34.362471104 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:34.384272099 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.384538889 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.384552002 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.384633064 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.384932995 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.384962082 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.385623932 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.385684967 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.386007071 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.386122942 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.386771917 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.386837006 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.387173891 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.387182951 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.387198925 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.387284040 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.437052965 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.437082052 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.437114000 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.441219091 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.445291996 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.445303917 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.446419001 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.446486950 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.446995020 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.447102070 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.485194921 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.501560926 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.501574039 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.549194098 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.720940113 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.721020937 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.721124887 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.723920107 CET49738443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.723942995 CET44349738192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:34.779741049 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:34.827338934 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.111352921 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.111458063 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.111563921 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:35.223354101 CET49737443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:35.223402023 CET44349737192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.493351936 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:35.493395090 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.493453026 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:35.496659040 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:35.496675014 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:35.497065067 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:35.497164965 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:35.497251987 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:35.500349045 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:35.500363111 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:36.151674032 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:36.151907921 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:36.151932001 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:36.153559923 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:36.153620005 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:36.154732943 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:36.154818058 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:36.206399918 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:36.206408024 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:36.253293991 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:36.972474098 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:36.972548008 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:36.975938082 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:36.975948095 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:36.976166964 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.017328024 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.059329033 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.102224112 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.102514982 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.102530956 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.103615999 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.103789091 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.104187965 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.104242086 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.104533911 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.151326895 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.161379099 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.161396027 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.206504107 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.434648991 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.434726000 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.435169935 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.435276031 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.435276031 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.435302973 CET44349741192.243.59.13192.168.2.4
              Nov 25, 2024 10:32:37.437272072 CET49741443192.168.2.4192.243.59.13
              Nov 25, 2024 10:32:37.503979921 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.504054070 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.504165888 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.506439924 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.506493092 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.506531954 CET49742443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.506547928 CET4434974223.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.550893068 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.550973892 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:37.551280022 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.551358938 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:37.551369905 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.020015001 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.020142078 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.021514893 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.021526098 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.021769047 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.022978067 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.067323923 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.565771103 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.565953016 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.566044092 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.566751957 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.566775084 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:39.566787004 CET49743443192.168.2.423.218.208.109
              Nov 25, 2024 10:32:39.566792965 CET4434974323.218.208.109192.168.2.4
              Nov 25, 2024 10:32:43.587208033 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:43.587255955 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:43.587461948 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:43.588572979 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:43.588596106 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:45.412583113 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:45.412661076 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:45.416107893 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:45.416127920 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:45.416429043 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:45.468826056 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:45.823543072 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:45.823613882 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:45.823692083 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:46.470817089 CET49740443192.168.2.4142.250.181.100
              Nov 25, 2024 10:32:46.470855951 CET44349740142.250.181.100192.168.2.4
              Nov 25, 2024 10:32:46.936702013 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:46.983349085 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545460939 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545488119 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545494080 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545525074 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545542955 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545555115 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545588970 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:47.545625925 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.545646906 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:47.545681000 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:47.566330910 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.566406012 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:47.566421986 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:47.566445112 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:48.879404068 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:48.879437923 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:32:48.879456997 CET49744443192.168.2.44.175.87.197
              Nov 25, 2024 10:32:48.879465103 CET443497444.175.87.197192.168.2.4
              Nov 25, 2024 10:33:19.515151978 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:33:19.515167952 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:33:24.682427883 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:24.682471991 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:24.682542086 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:24.682883978 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:24.682894945 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:25.221467018 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:25.221509933 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:25.221582890 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:25.221898079 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:25.221910000 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:26.871337891 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:26.871416092 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:26.875514030 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:26.875523090 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:26.876050949 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:26.884769917 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:26.931338072 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.087516069 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.087645054 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.089524031 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.089534998 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.089751959 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.098062038 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.139345884 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.365008116 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.365034103 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.365051985 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.365221024 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.365247965 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.365262985 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.365294933 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.566155910 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.566195965 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.566222906 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.566239119 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.566265106 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.566288948 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.606193066 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.606234074 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.606344938 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.606353998 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.606576920 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.747647047 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.747688055 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.747886896 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.747912884 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.747978926 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.773657084 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.773679018 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.773910999 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.773919106 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.773967028 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.795900106 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.795919895 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.796161890 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.796168089 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.796235085 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.816912889 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.816951990 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.817011118 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.817018032 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.817203999 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.826530933 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.826554060 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.826569080 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.826742887 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.826776981 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.826834917 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.863548994 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.863590002 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.863637924 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.863766909 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.863786936 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.863977909 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.863992929 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.864005089 CET49751443192.168.2.44.175.87.197
              Nov 25, 2024 10:33:27.864010096 CET443497514.175.87.197192.168.2.4
              Nov 25, 2024 10:33:27.956856966 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.956883907 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.956921101 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.956933975 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.956945896 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.956976891 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.973180056 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.973200083 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.973246098 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.973258972 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.973269939 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.973377943 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.987180948 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.987214088 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.987246037 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.987257004 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:27.987287998 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:27.987302065 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.001032114 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.001055002 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.001091957 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.001100063 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.001116037 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.001132965 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.013889074 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.013936996 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.013962984 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.013971090 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.013993979 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.014012098 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.025820017 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.025860071 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.025890112 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.025896072 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.025989056 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.029630899 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.029695034 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.029702902 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.029731989 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.029743910 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.029771090 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.029855013 CET49750443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.029870987 CET4434975013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.072801113 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.072818041 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.072846889 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.072856903 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.072917938 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.073081017 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.073314905 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.073333979 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.073419094 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.073432922 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.074841022 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.074848890 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.075272083 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.075448036 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.075458050 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.076136112 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.076147079 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.076692104 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.076715946 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.076777935 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.076965094 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.077084064 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.077100039 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:28.077142954 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:28.077155113 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.855736017 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.855768919 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.856292009 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.856318951 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.856426954 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.856451035 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.856856108 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.856862068 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.857028961 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.857040882 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.857659101 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.857956886 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.857980013 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.858349085 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.858355045 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.920938969 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.921200991 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.921448946 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.921458960 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.921531916 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.921557903 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.921885967 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.921890020 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:29.922189951 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:29.922204971 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.303457022 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.303551912 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.303730965 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.303853989 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.303874016 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.303889036 CET49753443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.303895950 CET4434975313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.306231022 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.306273937 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.306508064 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.306698084 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.306711912 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.306772947 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.306796074 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.306849957 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.306860924 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.307003975 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.307003975 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.307018995 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.307157993 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.307188988 CET4434975613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.308888912 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.308914900 CET49756443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.308924913 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.308990002 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309103966 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309113026 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309123993 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309127092 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309196949 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309220076 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309267044 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309307098 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309310913 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309325933 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.309703112 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309735060 CET4434975413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.309784889 CET49754443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.311105967 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.311148882 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.314004898 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.314146996 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.314165115 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.376537085 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.376594067 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.376728058 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.376755953 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.376769066 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.376779079 CET49755443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.376784086 CET4434975513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.378690004 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.378719091 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.378778934 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.378907919 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.378921986 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381093979 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381119013 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381165981 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.381177902 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381290913 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.381336927 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.381342888 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381355047 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.381479979 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381506920 CET4434975213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.381551027 CET49752443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.383125067 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.383162022 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:30.383224010 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.383338928 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:30.383353949 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.065157890 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.065738916 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.065774918 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.066431999 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.066437960 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.103877068 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.104470968 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.104500055 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.105057955 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.105072021 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.121175051 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.121586084 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.121601105 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.122150898 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.122155905 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.153548002 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.154270887 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.154289961 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.155033112 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.155039072 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.158525944 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.158884048 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.158895969 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.159311056 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.159321070 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.498949051 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.499010086 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.499077082 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.499250889 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.499250889 CET49760443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.499275923 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.499295950 CET4434976013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.501853943 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.501899004 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.501975060 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.502187967 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.502203941 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.552179098 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.552277088 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.552335978 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.552520037 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.552541018 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.552587032 CET49758443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.552593946 CET4434975813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.555469036 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.555516005 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.555596113 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.555754900 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.555771112 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.557485104 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.557549000 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.557609081 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.557699919 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.557718992 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.557744980 CET49762443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.557749987 CET4434976213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.560014963 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.560046911 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.560122967 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.560247898 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.560266972 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.602169037 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.602219105 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.602279902 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.602473974 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.602488041 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.602498055 CET49761443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.602504015 CET4434976113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.605386019 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.605411053 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.605500937 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.605638981 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.605644941 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.606683016 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.606755972 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.606806040 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.606920958 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.606935024 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.606945992 CET49759443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.606950998 CET4434975913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.609263897 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.609277010 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:32.609344959 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.609580040 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:32.609584093 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:33.889605045 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:33:33.889695883 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:33:33.889760017 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:33:34.274344921 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.274952888 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.274976015 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.275580883 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.275588036 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.282211065 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.282569885 CET49736443192.168.2.4192.243.59.13
              Nov 25, 2024 10:33:34.282593012 CET44349736192.243.59.13192.168.2.4
              Nov 25, 2024 10:33:34.282852888 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.282862902 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.282886982 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:34.282927990 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:34.282991886 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:34.283262968 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:34.283277035 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:34.283400059 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.283405066 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.336004019 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.336622000 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.336642027 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.337178946 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.337183952 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.387264013 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.387877941 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.387897015 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.388451099 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.388456106 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.389908075 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.390175104 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.390187979 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.390625954 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.390630007 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.708417892 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.708472967 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.708678007 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.708708048 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.708724022 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.708733082 CET49765443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.708738089 CET4434976513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.711931944 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.712021112 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.712117910 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.712276936 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.712310076 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.726100922 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.726159096 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.726289034 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.726499081 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.726499081 CET49763443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.726517916 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.726527929 CET4434976313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.728517056 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.728543043 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.728612900 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.728734016 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.728745937 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.779917955 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.779999971 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.780179024 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.780209064 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.780209064 CET49764443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.780230999 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.780242920 CET4434976413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.782922029 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.782960892 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.783051968 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.783193111 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.783221006 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.833801985 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.833858013 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.834072113 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.834095955 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.834110022 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.834121943 CET49766443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.834127903 CET4434976613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.834490061 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.834537983 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.836796045 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.836829901 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.836838007 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.836874008 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.836886883 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.836896896 CET49767443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.836900949 CET4434976713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.836915016 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.837090015 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.837101936 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.839351892 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.839390039 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:34.839469910 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.839590073 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:34.839602947 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:35.969634056 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:35.970000982 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:35.970012903 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:35.970293045 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:35.970709085 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:35.970765114 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:36.015217066 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:36.451600075 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.452403069 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.452426910 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.453654051 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.453660011 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.512706995 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.513096094 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.513173103 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.513650894 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.513680935 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.567558050 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.567907095 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.567954063 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.568437099 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.568449020 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.619015932 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.619435072 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.619457960 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.619980097 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.619985104 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.680881023 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.681262016 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.681302071 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.681791067 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.681809902 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.885767937 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.885837078 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.885899067 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.886120081 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.886137962 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.886151075 CET49770443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.886157036 CET4434977013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.889349937 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.889420986 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.889523983 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.889674902 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.889705896 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.957778931 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.957844973 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.957901001 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.958081961 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.958100080 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.958111048 CET49769443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.958117008 CET4434976913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.960968971 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.961011887 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:36.961091995 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.961242914 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:36.961253881 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.014255047 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.014321089 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.014370918 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.014503002 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.014528990 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.014542103 CET49771443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.014547110 CET4434977113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.017678022 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.017697096 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.017755985 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.017882109 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.017895937 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.062304020 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.062364101 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.062410116 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.062530994 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.062547922 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.062558889 CET49773443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.062563896 CET4434977313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.064970970 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.065013885 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.065093994 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.065232038 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.065243006 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.133460045 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.133524895 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.133574963 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.133692980 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.133730888 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.133758068 CET49772443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.133775949 CET4434977213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.136476994 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.136509895 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:37.136564016 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.136683941 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:37.136697054 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.673162937 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.673683882 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.673711061 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.674297094 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.674302101 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.677572012 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.677923918 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.677939892 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.678431034 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.678436041 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.774106979 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.774861097 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.774899006 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.775525093 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.775532007 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.981703997 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.982409000 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.982429981 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:38.983009100 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:38.983015060 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.113895893 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.113970041 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.114018917 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.114203930 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.114222050 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.114233017 CET49775443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.114238024 CET4434977513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.117666006 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.117705107 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.117729902 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.117774963 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.117794037 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.117831945 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.118041039 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.118061066 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.118073940 CET49774443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.118078947 CET4434977413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.118079901 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.118094921 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.121068954 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.121090889 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.121164083 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.121364117 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.121377945 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.210167885 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.210233927 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.210279942 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.210406065 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.210422039 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.210432053 CET49776443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.210438013 CET4434977613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.213428974 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.213463068 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.213525057 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.213748932 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.213761091 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.435549021 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.435617924 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.435687065 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.435940981 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.435986042 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.436016083 CET49778443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.436032057 CET4434977813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.439611912 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.439656973 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:39.439733028 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.439938068 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:39.439951897 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.629900932 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.633691072 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.633714914 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.634151936 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.634156942 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.838887930 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.839565992 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.839598894 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.840046883 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.840053082 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.902292013 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.902957916 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.902976990 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:40.903335094 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:40.903338909 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.004319906 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.004827023 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.004858971 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.005227089 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.005234003 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.081252098 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.081310987 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.081412077 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.081604004 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.081619978 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.081629992 CET49777443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.081636906 CET4434977713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.084029913 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.084069014 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.084163904 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.084279060 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.084294081 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.279155970 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.279217958 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.279297113 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.279514074 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.279546022 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.279563904 CET49780443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.279572010 CET4434978013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.282723904 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.282754898 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.282830000 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.283025026 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.283039093 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.312632084 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.313062906 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.313075066 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.313688993 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.313695908 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.357870102 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.357930899 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.358000994 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.358195066 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.358208895 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.358222008 CET49779443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.358227015 CET4434977913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.361267090 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.361311913 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.361407995 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.361596107 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.361612082 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.457814932 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.457885027 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.457953930 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.458178043 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.458188057 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.458211899 CET49781443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.458216906 CET4434978113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.461488008 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.461509943 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.461620092 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.461812019 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.461826086 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.767605066 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.767679930 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.767746925 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.767918110 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.767939091 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.767951965 CET49782443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.767957926 CET4434978213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.770229101 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.770271063 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:41.770355940 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.770493031 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:41.770509005 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:42.932847023 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:42.933532953 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:42.933552027 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:42.934011936 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:42.934017897 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.066695929 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.067437887 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.067456961 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.067898035 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.067903996 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.079910040 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.080408096 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.080450058 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.080979109 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.080986977 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.240896940 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.241513968 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.241533995 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.242161036 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.242166042 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.385843992 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.385910988 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.386046886 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.386311054 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.386328936 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.386343956 CET49783443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.386348963 CET4434978313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.389883995 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.389976978 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.390093088 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.390312910 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.390342951 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.512279034 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.512346029 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.512603998 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.512650013 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.512664080 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.512679100 CET49784443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.512686014 CET4434978413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.514272928 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.514333010 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.514441013 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.514614105 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.514614105 CET49785443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.514628887 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.514636993 CET4434978513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.515750885 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.515784025 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.516973972 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.517009020 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.517009974 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.517092943 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.517282009 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.517307997 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.517401934 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.517420053 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.554198980 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.554678917 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.554696083 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.555066109 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.555071115 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.936110973 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.936187029 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.936438084 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.936482906 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.936502934 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.936516047 CET49786443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.936522007 CET4434978613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.939537048 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.939559937 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:43.939644098 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.939796925 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:43.939809084 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.143043995 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.143106937 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.143229961 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.143583059 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.143583059 CET49787443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.143596888 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.143604994 CET4434978713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.146960020 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.146996975 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:44.147058964 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.147253036 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:44.147268057 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.236604929 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.237194061 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.237268925 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.237669945 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.237684965 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.476016045 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.476620913 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.476680040 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.477102995 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.477117062 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.540690899 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.541136026 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.541152000 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.541817904 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.541825056 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.666254044 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:45.666337013 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:45.666385889 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:45.689289093 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.689352036 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.689403057 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.689625025 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.689678907 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.689707994 CET49788443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.689723015 CET4434978813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.693135977 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.693162918 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.693233013 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.693396091 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.693408012 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.719860077 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.720247030 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.720257998 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.720803976 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.720808983 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.865758896 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.866233110 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.866261005 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.866682053 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.866687059 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.920814991 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.920921087 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.921025991 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.921233892 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.921274900 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.921303988 CET49790443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.921319962 CET4434979013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.924149036 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.924185038 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.924266100 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.924413919 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.924427032 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.994100094 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.994159937 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.994225025 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.994308949 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.994326115 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.994334936 CET49789443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.994340897 CET4434978913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.996452093 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.996483088 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:45.996545076 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.996654987 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:45.996669054 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.164210081 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.164283037 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.164325953 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.164422035 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.164434910 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.164443970 CET49791443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.164449930 CET4434979113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.166419983 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.166491032 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.166558981 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.166748047 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.166783094 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.302216053 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.302278996 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.304267883 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304270029 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304270029 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304270983 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304290056 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.304347992 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304446936 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.304460049 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:46.469970942 CET49768443192.168.2.4142.250.181.100
              Nov 25, 2024 10:33:46.469990015 CET44349768142.250.181.100192.168.2.4
              Nov 25, 2024 10:33:46.608964920 CET49792443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:46.608997107 CET4434979213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.475109100 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.475817919 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.475863934 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.476274014 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.476289034 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.508423090 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.509012938 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.509033918 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.509428024 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.509434938 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.713171959 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.713712931 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.713749886 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.714158058 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.714174986 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.919008970 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.919159889 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.919234991 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.919342995 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.919359922 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.919385910 CET49793443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.919393063 CET4434979313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.922341108 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.922426939 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.922502041 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.922640085 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.922661066 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.954997063 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.955055952 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.955117941 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.955284119 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.955322981 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.955343008 CET49794443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.955351114 CET4434979413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.955687046 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.956084967 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.956125021 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.956562042 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.956573009 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.957854033 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.957886934 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:47.957956076 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.958070040 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:47.958082914 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.086322069 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.086992979 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.087019920 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.087493896 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.087500095 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.157438993 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.157505035 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.157567024 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.157793999 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.157819033 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.157833099 CET49795443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.157841921 CET4434979513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.160969973 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.161020041 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.161081076 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.161253929 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.161267996 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.399544001 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.399629116 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.399694920 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.399954081 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.400005102 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.400034904 CET49796443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.400052071 CET4434979613.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.402689934 CET49801443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.402728081 CET4434980113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.402801037 CET49801443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.402961016 CET49801443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.402976990 CET4434980113.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.530776978 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.530940056 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.530987978 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.531043053 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.531064034 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.531078100 CET49797443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.531085968 CET4434979713.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.534909964 CET49802443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.535033941 CET4434980213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:48.535099983 CET49802443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.535249949 CET49802443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:48.535288095 CET4434980213.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.062978029 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.063186884 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.063591957 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.063606024 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.063927889 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.063946962 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.064063072 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.064069033 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.064423084 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.064428091 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.065824986 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.066155910 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.066210032 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.066553116 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.066566944 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.508630037 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.508697033 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.508925915 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.508960009 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.508984089 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.508997917 CET49800443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.509005070 CET4434980013.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.511770964 CET49803443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.511801958 CET4434980313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.511885881 CET49803443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.512058973 CET49803443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.512074947 CET4434980313.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.517350912 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.517406940 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.517548084 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.517591000 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.517591000 CET49799443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.517608881 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.517617941 CET4434979913.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519503117 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519627094 CET49804443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519655943 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519659996 CET4434980413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519727945 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519743919 CET49804443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519871950 CET49804443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519879103 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519885063 CET4434980413.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519917011 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.519944906 CET49798443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.519958973 CET4434979813.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.521686077 CET49805443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.521733046 CET4434980513.107.246.63192.168.2.4
              Nov 25, 2024 10:33:50.521797895 CET49805443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.521929979 CET49805443192.168.2.413.107.246.63
              Nov 25, 2024 10:33:50.521950960 CET4434980513.107.246.63192.168.2.4

              UDP Packets

              TimestampSource PortDest PortSource IPDest IP
              Nov 25, 2024 10:32:29.877943993 CET53513841.1.1.1192.168.2.4
              Nov 25, 2024 10:32:29.947036982 CET53617911.1.1.1192.168.2.4
              Nov 25, 2024 10:32:32.210648060 CET5361353192.168.2.41.1.1.1
              Nov 25, 2024 10:32:32.210860014 CET5036453192.168.2.41.1.1.1
              Nov 25, 2024 10:32:32.580657959 CET53503641.1.1.1192.168.2.4
              Nov 25, 2024 10:32:32.582178116 CET53536131.1.1.1192.168.2.4
              Nov 25, 2024 10:32:32.989571095 CET53646251.1.1.1192.168.2.4
              Nov 25, 2024 10:32:34.219973087 CET6222153192.168.2.41.1.1.1
              Nov 25, 2024 10:32:34.220232010 CET6012853192.168.2.41.1.1.1
              Nov 25, 2024 10:32:34.358840942 CET53622211.1.1.1192.168.2.4
              Nov 25, 2024 10:32:34.360719919 CET53601281.1.1.1192.168.2.4
              Nov 25, 2024 10:32:35.354463100 CET5452653192.168.2.41.1.1.1
              Nov 25, 2024 10:32:35.354717970 CET5948853192.168.2.41.1.1.1
              Nov 25, 2024 10:32:35.492327929 CET53594881.1.1.1192.168.2.4
              Nov 25, 2024 10:32:35.492475986 CET53545261.1.1.1192.168.2.4
              Nov 25, 2024 10:32:48.599622965 CET138138192.168.2.4192.168.2.255
              Nov 25, 2024 10:32:49.966181040 CET53648741.1.1.1192.168.2.4
              Nov 25, 2024 10:33:08.731867075 CET53624991.1.1.1192.168.2.4
              Nov 25, 2024 10:33:29.720324039 CET53585331.1.1.1192.168.2.4
              Nov 25, 2024 10:33:31.733720064 CET53507871.1.1.1192.168.2.4

              DNS Queries

              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
              Nov 25, 2024 10:32:32.210648060 CET192.168.2.41.1.1.10x1406Standard query (0)guardiannostrils.comA (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.210860014 CET192.168.2.41.1.1.10x75ceStandard query (0)guardiannostrils.com65IN (0x0001)false
              Nov 25, 2024 10:32:34.219973087 CET192.168.2.41.1.1.10x8fc4Standard query (0)www.google.comA (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:34.220232010 CET192.168.2.41.1.1.10x6f21Standard query (0)www.google.com65IN (0x0001)false
              Nov 25, 2024 10:32:35.354463100 CET192.168.2.41.1.1.10x32cdStandard query (0)guardiannostrils.comA (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.354717970 CET192.168.2.41.1.1.10x5dd7Standard query (0)guardiannostrils.com65IN (0x0001)false

              DNS Answers

              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com192.243.59.13A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com192.243.61.225A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com172.240.108.84A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com192.243.59.20A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com172.240.253.132A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com172.240.108.76A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com172.240.108.68A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com192.243.59.12A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com192.243.61.227A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:32.582178116 CET1.1.1.1192.168.2.40x1406No error (0)guardiannostrils.com172.240.127.234A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:34.358840942 CET1.1.1.1192.168.2.40x8fc4No error (0)www.google.com142.250.181.100A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:34.360719919 CET1.1.1.1192.168.2.40x6f21No error (0)www.google.com65IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com192.243.59.13A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com192.243.61.227A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com172.240.108.84A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com192.243.59.20A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com172.240.253.132A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com172.240.108.76A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com172.240.127.234A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com192.243.59.12A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com192.243.61.225A (IP address)IN (0x0001)false
              Nov 25, 2024 10:32:35.492475986 CET1.1.1.1192.168.2.40x32cdNo error (0)guardiannostrils.com172.240.108.68A (IP address)IN (0x0001)false

              HTTP Request Dependency Graph

              • guardiannostrils.com
              • https:
              • fs.microsoft.com
              • slscr.update.microsoft.com
              • otelrules.azureedge.net

              HTTPS Proxied Packets

              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              0192.168.2.449738192.243.59.134434940C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:34 UTC924OUTGET /xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n HTTP/1.1
              Host: guardiannostrils.com
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              sec-ch-ua-platform: "Windows"
              Upgrade-Insecure-Requests: 1
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: navigate
              Sec-Fetch-User: ?1
              Sec-Fetch-Dest: document
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              2024-11-25 09:32:34 UTC826INHTTP/1.1 200 OK
              Server: nginx/1.19.5
              Date: Mon, 25 Nov 2024 09:32:34 GMT
              Content-Type: text/html
              Content-Length: 118
              Connection: close
              P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
              Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
              Set-Cookie: u_pl19031770=1; expires=Tue, 26 Nov 2024 09:32:34 GMT; path=/
              Host: guardiannostrils.com
              Expires: Thu, 01 Jan 1970 00:00:01 GMT
              Cache-Control: no-cache
              X-Request-ID: d75839c2b97b9529c2928776563d1463
              Cache-Control: max-age=0, private, no-cache
              Pragma: no-cache
              Strict-Transport-Security: max-age=0; includeSubdomains
              2024-11-25 09:32:34 UTC118INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 41 6e 6f 6e 79 6d 6f 75 73 20 50 72 6f 78 79 20 64 65 74 65 63 74 65 64 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
              Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"></head><body><p>Anonymous Proxy detected.</p></body></html>


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              1192.168.2.449737192.243.59.134434940C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:34 UTC1105OUTGET /favicon.ico HTTP/1.1
              Host: guardiannostrils.com
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-full-version: "117.0.5938.132"
              sec-ch-ua-platform-version: "10.0.0"
              sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
              sec-ch-ua-model: ""
              sec-ch-ua-platform: "Windows"
              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
              Sec-Fetch-Site: same-origin
              Sec-Fetch-Mode: no-cors
              Sec-Fetch-Dest: image
              Referer: https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              Cookie: u_pl19031770=1
              2024-11-25 09:32:35 UTC377INHTTP/1.1 200 OK
              Server: nginx/1.19.5
              Date: Mon, 25 Nov 2024 09:32:34 GMT
              Content-Type: image/x-icon
              Content-Length: 0
              Connection: close
              Expires: Thu, 01 Jan 1970 00:00:01 GMT
              Cache-Control: no-cache
              X-Request-ID: 3d2c5c87ff4d6650aec7bca552016eb0
              Cache-Control: max-age=0, private, no-cache
              Pragma: no-cache
              Strict-Transport-Security: max-age=0; includeSubdomains


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              2192.168.2.44974223.218.208.109443
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:37 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-11-25 09:32:37 UTC478INHTTP/1.1 200 OK
              Content-Type: application/octet-stream
              Server: Kestrel
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              X-Ms-ApiVersion: Distribute 1.2
              X-Ms-Region: prod-eus-z1
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              X-OSID: 2
              X-CID: 2
              X-CCC: GB
              Cache-Control: public, max-age=86454
              Date: Mon, 25 Nov 2024 09:32:37 GMT
              Connection: close
              X-CID: 2


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              3192.168.2.449741192.243.59.134434940C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:37 UTC379OUTGET /favicon.ico HTTP/1.1
              Host: guardiannostrils.com
              Connection: keep-alive
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: */*
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: cors
              Sec-Fetch-Dest: empty
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
              Cookie: u_pl19031770=1
              2024-11-25 09:32:37 UTC377INHTTP/1.1 200 OK
              Server: nginx/1.19.5
              Date: Mon, 25 Nov 2024 09:32:37 GMT
              Content-Type: image/x-icon
              Content-Length: 0
              Connection: close
              Expires: Thu, 01 Jan 1970 00:00:01 GMT
              Cache-Control: no-cache
              X-Request-ID: 429b94c25e7520723a36113d67d2e61b
              Cache-Control: max-age=0, private, no-cache
              Pragma: no-cache
              Strict-Transport-Security: max-age=0; includeSubdomains


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              4192.168.2.44974323.218.208.109443
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:39 UTC239OUTGET /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
              Range: bytes=0-2147483646
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
              2024-11-25 09:32:39 UTC534INHTTP/1.1 200 OK
              Content-Type: application/octet-stream
              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
              ApiVersion: Distribute 1.1
              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
              X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
              Cache-Control: public, max-age=86430
              Date: Mon, 25 Nov 2024 09:32:39 GMT
              Content-Length: 55
              Connection: close
              X-CID: 2
              2024-11-25 09:32:39 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              5192.168.2.4497444.175.87.197443
              TimestampBytes transferredDirectionData
              2024-11-25 09:32:46 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5B6l6MedlYKZKcF&MD=dW+MkguU HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
              Host: slscr.update.microsoft.com
              2024-11-25 09:32:47 UTC560INHTTP/1.1 200 OK
              Cache-Control: no-cache
              Pragma: no-cache
              Content-Type: application/octet-stream
              Expires: -1
              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
              MS-CorrelationId: 84829f02-5c69-4162-a8fb-e268a7ce1239
              MS-RequestId: c050e93c-a899-4edf-84de-a0ca3340ab9d
              MS-CV: r1fuMpoO1EGQdlJg.0
              X-Microsoft-SLSClientCache: 2880
              Content-Disposition: attachment; filename=environment.cab
              X-Content-Type-Options: nosniff
              Date: Mon, 25 Nov 2024 09:32:46 GMT
              Connection: close
              Content-Length: 24490
              2024-11-25 09:32:47 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
              2024-11-25 09:32:47 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


              Session IDSource IPSource PortDestination IPDestination Port
              6192.168.2.44975013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:26 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:27 UTC471INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:27 GMT
              Content-Type: text/plain
              Content-Length: 218853
              Connection: close
              Vary: Accept-Encoding
              Cache-Control: public
              Last-Modified: Sat, 23 Nov 2024 12:15:37 GMT
              ETag: "0x8DD0BB889D4282C"
              x-ms-request-id: 19b35b80-c01e-0049-150a-3eac27000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093327Z-15b8b599d882zv28hC1TEBdchn00000005k000000000d750
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:27 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
              Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
              2024-11-25 09:33:27 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
              Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
              2024-11-25 09:33:27 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
              Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
              2024-11-25 09:33:27 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
              Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
              2024-11-25 09:33:27 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
              Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
              2024-11-25 09:33:27 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
              Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
              2024-11-25 09:33:27 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
              Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
              2024-11-25 09:33:27 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
              Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
              2024-11-25 09:33:27 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
              Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
              2024-11-25 09:33:27 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
              Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              7192.168.2.4497514.175.87.197443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:27 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=5B6l6MedlYKZKcF&MD=dW+MkguU HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
              Host: slscr.update.microsoft.com
              2024-11-25 09:33:27 UTC560INHTTP/1.1 200 OK
              Cache-Control: no-cache
              Pragma: no-cache
              Content-Type: application/octet-stream
              Expires: -1
              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
              MS-CorrelationId: e8487caf-960e-4b91-9b5b-76f6355d8042
              MS-RequestId: d1350076-0295-457c-830c-670872f527fc
              MS-CV: +PZok1jpZ0qV7lMd.0
              X-Microsoft-SLSClientCache: 1440
              Content-Disposition: attachment; filename=environment.cab
              X-Content-Type-Options: nosniff
              Date: Mon, 25 Nov 2024 09:33:27 GMT
              Connection: close
              Content-Length: 30005
              2024-11-25 09:33:27 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
              2024-11-25 09:33:27 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


              Session IDSource IPSource PortDestination IPDestination Port
              8192.168.2.44975313.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:29 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:30 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:30 GMT
              Content-Type: text/xml
              Content-Length: 450
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
              ETag: "0x8DC582BD4C869AE"
              x-ms-request-id: ac6669be-e01e-003c-668c-3ac70b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093330Z-174c587ffdf59vqchC1TEByk6800000005w000000000b0aa
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:30 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


              Session IDSource IPSource PortDestination IPDestination Port
              9192.168.2.44975413.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:29 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:30 UTC494INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:30 GMT
              Content-Type: text/xml
              Content-Length: 2980
              Connection: close
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: 685d8613-b01e-0001-50f7-3e46e2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093330Z-15b8b599d88tr2flhC1TEB5gk400000005u000000000c5sm
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:30 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


              Session IDSource IPSource PortDestination IPDestination Port
              10192.168.2.44975613.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:29 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:30 UTC494INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:30 GMT
              Content-Type: text/xml
              Content-Length: 2160
              Connection: close
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA3B95D81"
              x-ms-request-id: 2aa1f1ad-b01e-003d-7c43-3cd32c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093330Z-174c587ffdfks6tlhC1TEBeza400000005s000000000fdne
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:30 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


              Session IDSource IPSource PortDestination IPDestination Port
              11192.168.2.44975513.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:29 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:30 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:30 GMT
              Content-Type: text/xml
              Content-Length: 408
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB56D3AFB"
              x-ms-request-id: b169a0d5-c01e-00a2-4e03-3e2327000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093330Z-178bfbc474btrnf9hC1NYCb80g00000007ag00000000b80n
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:30 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              12192.168.2.44975213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:29 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:30 UTC494INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:30 GMT
              Content-Type: text/xml
              Content-Length: 3788
              Connection: close
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC2126A6"
              x-ms-request-id: 3b133675-d01e-002b-536c-3d25fb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093330Z-15b8b599d88m7pn7hC1TEB4axw00000005s000000000bcr3
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:30 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


              Session IDSource IPSource PortDestination IPDestination Port
              13192.168.2.44976013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:32 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:32 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:32 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
              ETag: "0x8DC582BB10C598B"
              x-ms-request-id: ce5ebd39-a01e-0053-183c-3c8603000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093332Z-15b8b599d88qw29phC1TEB5zag00000005u0000000002gdy
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:32 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              14192.168.2.44975813.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:32 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:32 UTC491INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:32 GMT
              Content-Type: text/xml
              Content-Length: 474
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
              ETag: "0x8DC582B9964B277"
              x-ms-request-id: 73bf7d7c-c01e-000b-6bd1-3ee255000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093332Z-15b8b599d882zv28hC1TEBdchn00000005h000000000g438
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-11-25 09:33:32 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              15192.168.2.44976213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:32 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:32 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:32 GMT
              Content-Type: text/xml
              Content-Length: 467
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
              ETag: "0x8DC582BA6C038BC"
              x-ms-request-id: 6ebbc676-001e-005a-784b-3cc3d0000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093332Z-15b8b599d88tmlzshC1TEB4xpn00000005k000000000erht
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:32 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              16192.168.2.44975913.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:32 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:32 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:32 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
              ETag: "0x8DC582B9F6F3512"
              x-ms-request-id: a6bfa609-001e-00a2-4d66-3bd4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093332Z-178bfbc474btrnf9hC1NYCb80g00000007d0000000007k95
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:32 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              17192.168.2.44976113.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:32 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:32 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:32 GMT
              Content-Type: text/xml
              Content-Length: 632
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB6E3779E"
              x-ms-request-id: d8f13441-a01e-0021-5e2d-3c814c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093332Z-178bfbc474bv587zhC1NYCny5w000000078g0000000001zm
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:32 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


              Session IDSource IPSource PortDestination IPDestination Port
              18192.168.2.44976513.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:34 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:34 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:34 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
              ETag: "0x8DC582BA310DA18"
              x-ms-request-id: d33c8b0a-101e-00a2-48c7-3d9f2e000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093334Z-15b8b599d8885prmhC1TEBsnkw00000005wg0000000074b1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:34 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              19192.168.2.44976313.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:34 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:34 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:34 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
              ETag: "0x8DC582BBAD04B7B"
              x-ms-request-id: 464f6e4e-101e-005a-3b0e-3e882b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093334Z-178bfbc474bfw4gbhC1NYCunf4000000076000000000b5y9
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:34 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              20192.168.2.44976413.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:34 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:34 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:34 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB344914B"
              x-ms-request-id: 5fd12e2e-e01e-0051-1fc8-3e84b2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093334Z-178bfbc474bmqmgjhC1NYCy16c00000007eg000000000ua9
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:34 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              21192.168.2.44976613.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:34 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:34 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:34 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
              ETag: "0x8DC582B9018290B"
              x-ms-request-id: aff2abcc-f01e-0003-4547-3c4453000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093334Z-178bfbc474bw8bwphC1NYC38b4000000071000000000a7s2
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:34 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              22192.168.2.44976713.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:34 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:34 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:34 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
              ETag: "0x8DC582B9698189B"
              x-ms-request-id: 30a29eaf-701e-001e-220f-3ef5e6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093334Z-178bfbc474btrnf9hC1NYCb80g00000007ag00000000b83a
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:34 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              23192.168.2.44977013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:36 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:36 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:36 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA41997E3"
              x-ms-request-id: ba5d631a-801e-0047-14d1-3e7265000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093336Z-178bfbc474b7cbwqhC1NYC8z4n000000074000000000a5k1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:36 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              24192.168.2.44976913.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:36 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:36 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:36 GMT
              Content-Type: text/xml
              Content-Length: 469
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
              ETag: "0x8DC582BBA701121"
              x-ms-request-id: ce6e3a8c-101e-0017-74b5-3e47c7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093336Z-178bfbc474b9xljthC1NYCtw9400000007700000000040tx
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:36 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              25192.168.2.44977113.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:36 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:37 UTC491INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:36 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8CEAC16"
              x-ms-request-id: 4834b854-301e-005d-3ab8-3ee448000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093336Z-174c587ffdf8lw6dhC1TEBkgs800000005qg00000000cmxy
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:37 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              26192.168.2.44977313.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:36 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:37 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:36 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB7010D66"
              x-ms-request-id: e328efd5-c01e-00a2-56bf-3e2327000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093336Z-178bfbc474bbcwv4hC1NYCypys000000072g000000008nhx
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:37 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              27192.168.2.44977213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:36 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:37 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:36 GMT
              Content-Type: text/xml
              Content-Length: 464
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97FB6C3C"
              x-ms-request-id: 3257ccc0-201e-005d-19b5-3eafb3000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093336Z-178bfbc474bq2pr7hC1NYCkfgg00000007f00000000037dk
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:37 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


              Session IDSource IPSource PortDestination IPDestination Port
              28192.168.2.44977413.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:38 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:39 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:38 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
              ETag: "0x8DC582B9748630E"
              x-ms-request-id: c77577e7-501e-0078-0da6-3e06cf000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093338Z-178bfbc474bmqmgjhC1NYCy16c00000007eg000000000uee
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:39 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              29192.168.2.44977513.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:38 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:39 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:38 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DACDF62"
              x-ms-request-id: 2b92647c-c01e-00a2-646f-3b2327000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093338Z-174c587ffdftv9hphC1TEBm29w00000005pg000000009mek
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:39 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              30192.168.2.44977613.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:38 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:39 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:39 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
              ETag: "0x8DC582B9E8EE0F3"
              x-ms-request-id: b12c7864-501e-007b-43bf-3e5ba2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093339Z-178bfbc474bnwsh4hC1NYC2ubs00000007dg000000002g9p
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:39 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              31192.168.2.44977813.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:38 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:39 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:39 GMT
              Content-Type: text/xml
              Content-Length: 428
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC4F34CA"
              x-ms-request-id: 57389be4-e01e-0003-606c-3c0fa8000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093339Z-174c587ffdfx984chC1TEB676g00000005vg000000000bc9
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:39 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              32192.168.2.44977713.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:40 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:41 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:40 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C8E04C8"
              x-ms-request-id: 6ea5360a-801e-002a-4904-3e31dc000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093340Z-178bfbc474bpscmfhC1NYCfc2c00000005xg000000003ag9
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:41 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              33192.168.2.44978013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:40 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:41 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:41 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B988EBD12"
              x-ms-request-id: a839412a-a01e-0032-5a3c-3d1949000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093341Z-174c587ffdf59vqchC1TEByk6800000005y0000000005vgx
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:41 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              34192.168.2.44977913.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:40 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:41 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:41 GMT
              Content-Type: text/xml
              Content-Length: 499
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
              ETag: "0x8DC582B98CEC9F6"
              x-ms-request-id: be70ec4e-301e-000c-088c-3a323f000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093341Z-174c587ffdf9xbcchC1TEBxkz400000005hg00000000dr0e
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:41 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              35192.168.2.44978113.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:41 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:41 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:41 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB5815C4C"
              x-ms-request-id: 12cef178-a01e-0070-7e6c-3d573b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093341Z-174c587ffdf7t49mhC1TEB4qbg00000005rg000000003q1r
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:41 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              36192.168.2.44978213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:41 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:41 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:41 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB32BB5CB"
              x-ms-request-id: 15a67567-d01e-0066-07eb-3bea17000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093341Z-15b8b599d882hxlwhC1TEBfa5w00000005p0000000007v0w
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:41 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              37192.168.2.44978313.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:42 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:43 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:43 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8972972"
              x-ms-request-id: 52ac3eb7-c01e-0079-7e4e-3ce51a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093343Z-15b8b599d88phfhnhC1TEBr51n00000005u000000000c9k5
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:43 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              38192.168.2.44978413.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:43 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:43 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:43 GMT
              Content-Type: text/xml
              Content-Length: 420
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DAE3EC0"
              x-ms-request-id: 2160d4c7-701e-0021-5913-3d3d45000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093343Z-178bfbc474b9fdhphC1NYCac0n000000078g0000000038qn
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:43 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


              Session IDSource IPSource PortDestination IPDestination Port
              39192.168.2.44978513.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:43 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:43 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:43 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
              ETag: "0x8DC582B9D43097E"
              x-ms-request-id: fdab78a3-101e-005a-1d8c-3a882b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093343Z-174c587ffdf6b487hC1TEBydsn00000005n000000000dfsb
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:43 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              40192.168.2.44978613.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:43 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:43 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:43 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
              ETag: "0x8DC582BA909FA21"
              x-ms-request-id: bf14eb60-501e-007b-507b-3b5ba2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093343Z-174c587ffdfb5q56hC1TEB04kg00000005m000000000g87p
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:43 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              41192.168.2.44978713.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:43 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:44 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:43 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
              ETag: "0x8DC582B92FCB436"
              x-ms-request-id: d6db62af-701e-0097-3243-3db8c1000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093343Z-178bfbc474bwh9gmhC1NYCy3rs00000007900000000094cn
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:44 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              42192.168.2.44978813.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:45 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:45 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:45 GMT
              Content-Type: text/xml
              Content-Length: 423
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
              ETag: "0x8DC582BB7564CE8"
              x-ms-request-id: 043e45ca-501e-0078-1031-3e06cf000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093345Z-178bfbc474bpnd5vhC1NYC4vr400000007ag000000003ht1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:45 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


              Session IDSource IPSource PortDestination IPDestination Port
              43192.168.2.44979013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:45 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:45 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:45 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
              ETag: "0x8DC582B95C61A3C"
              x-ms-request-id: d277967d-801e-0047-0163-3b7265000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093345Z-178bfbc474btvfdfhC1NYCa2en000000077g00000000b0sw
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:45 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              44192.168.2.44978913.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:45 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:45 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:45 GMT
              Content-Type: text/xml
              Content-Length: 478
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
              ETag: "0x8DC582B9B233827"
              x-ms-request-id: 6f39afe9-801e-002a-5d41-3e31dc000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093345Z-15b8b599d889fz52hC1TEB59as00000005tg000000003gf5
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:45 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              45192.168.2.44979113.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:45 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:46 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:46 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
              ETag: "0x8DC582BB046B576"
              x-ms-request-id: e83eb970-001e-0046-777e-3ada4b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093346Z-174c587ffdfcj798hC1TEB9bq40000000600000000000zpr
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:46 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              46192.168.2.44979213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:45 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:46 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:46 GMT
              Content-Type: text/xml
              Content-Length: 400
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2D62837"
              x-ms-request-id: 069344af-301e-0020-09c0-3e6299000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093346Z-178bfbc474bfw4gbhC1NYCunf400000007a0000000004ekd
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:46 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


              Session IDSource IPSource PortDestination IPDestination Port
              47192.168.2.44979313.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:47 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:47 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:47 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
              ETag: "0x8DC582BB7D702D0"
              x-ms-request-id: 527e1194-e01e-0071-7e41-3e08e7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093347Z-15b8b599d88vp97chC1TEB5pzw00000005ng00000000dpyh
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:47 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              48192.168.2.44979413.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:47 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:47 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:47 GMT
              Content-Type: text/xml
              Content-Length: 425
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
              ETag: "0x8DC582BBA25094F"
              x-ms-request-id: 97f3364e-001e-00a2-6ca6-3ed4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093347Z-178bfbc474bpnd5vhC1NYC4vr400000007ag000000003hu5
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:47 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


              Session IDSource IPSource PortDestination IPDestination Port
              49192.168.2.44979513.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:47 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:48 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:47 GMT
              Content-Type: text/xml
              Content-Length: 475
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2BE84FD"
              x-ms-request-id: 76e95f1f-101e-0034-7059-3b96ff000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093347Z-178bfbc474btvfdfhC1NYCa2en00000007d00000000039pk
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:48 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              50192.168.2.44979613.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:47 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:48 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:48 GMT
              Content-Type: text/xml
              Content-Length: 448
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB389F49B"
              x-ms-request-id: 8a9c0054-c01e-0046-231b-3e2db9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093348Z-178bfbc474bmqmgjhC1NYCy16c00000007ag000000006a48
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:48 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


              Session IDSource IPSource PortDestination IPDestination Port
              51192.168.2.44979713.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:48 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:48 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:48 GMT
              Content-Type: text/xml
              Content-Length: 491
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B98B88612"
              x-ms-request-id: 2abfc2a9-b01e-003d-094d-3cd32c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093348Z-15b8b599d88hd9g7hC1TEBp75c00000005t00000000040g3
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:48 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              52192.168.2.44979913.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:50 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:50 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:50 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B989EE75B"
              x-ms-request-id: 79b51860-701e-0021-623a-3c3d45000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093350Z-174c587ffdfx984chC1TEB676g00000005t00000000061nw
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:50 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              53192.168.2.44980013.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:50 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:50 UTC491INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:50 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: 1aaae978-201e-0096-4377-3bace6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093350Z-174c587ffdf6b487hC1TEBydsn00000005rg000000004s0r
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-11-25 09:33:50 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              54192.168.2.44979813.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:50 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:50 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:50 GMT
              Content-Type: text/xml
              Content-Length: 416
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
              ETag: "0x8DC582BAEA4B445"
              x-ms-request-id: a6b1c0e3-801e-002a-1ea2-3e31dc000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093350Z-178bfbc474bpnd5vhC1NYC4vr400000007bg000000001qpe
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:50 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


              Session IDSource IPSource PortDestination IPDestination Port
              55192.168.2.44980113.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:50 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:51 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:50 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97E6FCDD"
              x-ms-request-id: 79a9dcb6-201e-003c-1c7b-3b30f9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093350Z-174c587ffdfgcs66hC1TEB69cs00000005k000000000cs45
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:51 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              56192.168.2.44980213.107.246.63443
              TimestampBytes transferredDirectionData
              2024-11-25 09:33:50 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-11-25 09:33:51 UTC470INHTTP/1.1 200 OK
              Date: Mon, 25 Nov 2024 09:33:50 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C710B28"
              x-ms-request-id: 3074f9d5-701e-001e-47fc-3df5e6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241125T093350Z-178bfbc474bwlrhlhC1NYCy3kg000000076g000000009pr3
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-11-25 09:33:51 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Statistics

              CPU Usage

              Click to jump to process

              Memory Usage

              Click to jump to process

              Behavior

              Click to jump to process

              System Behavior

              General

              Target ID:0
              Start time:04:32:24
              Start date:25/11/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:2
              Start time:04:32:27
              Start date:25/11/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1852,i,7724950182119876291,828045722762287732,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:3
              Start time:04:32:31
              Start date:25/11/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://guardiannostrils.com/xr93bi2nq?vzvlrfl=87&refer=https%3A%2F%2Fwww.capoplayer.net%2Fplay%2Fpremier2.php&kw=%5B%5D&key=2ba8e0b8ae36a3a2c24c170c7c0734cc&scrWidth=1920&scrHeight=1080&tz=0&v=24.10.2259&ship=&psid=https://www.pelotalibretv.pl&sub3=invoke_layer&res=14.31&dev=r&adb=n&adb=n"
              Imagebase:0x7ff76e190000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:true

              Disassembly

              No disassembly