Edit tour

Windows Analysis Report
https://ae.sanoficonnect.com/

Overview

General Information

Sample URL:	https://ae.sanoficonnect.com/
Analysis ID:	1562724
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5172 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1904,i,6121546976876511642,420334715097434302,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ae.sanoficonnect.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://ae.sanoficonnect.com/

HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ae.sanoficonnect.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ae.sanoficonnect.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ae.sanoficonnect.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VSGvXaLnbotPApD&MD=3g9VH8KX HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VSGvXaLnbotPApD&MD=3g9VH8KX HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: ae.sanoficonnect.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 19Content-Type: text/plain; charset=utf-8Date: Mon, 25 Nov 2024 22:33:41 GMTX-Content-Type-Options: nosniffConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 19Content-Type: text/plain; charset=utf-8Date: Mon, 25 Nov 2024 22:33:42 GMTX-Content-Type-Options: nosniffConnection: close

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@16/4@4/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1904,i,6121546976876511642,420334715097434302,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ae.sanoficonnect.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1904,i,6121546976876511642,420334715097434302,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://ae.sanoficonnect.com/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://ae.sanoficonnect.com/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.google.com	142.250.181.100	true	false	high
mailgun.org	34.102.239.211	true	false	high
ae.sanoficonnect.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://ae.sanoficonnect.com/	false		unknown
https://ae.sanoficonnect.com/favicon.ico	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
34.102.239.211	mailgun.org	United States	15169	GOOGLEUS	false
142.250.181.100	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1562724
Start date and time:	2024-11-25 23:32:40 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 2m 49s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://ae.sanoficonnect.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@16/4@4/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.208.227, 172.217.19.238, 74.125.205.84, 34.104.35.123, 2.20.68.210, 192.229.221.95, 172.217.17.35
Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://ae.sanoficonnect.com/

Simulations

Behavior and APIs

⊘No simulations

Input	Output
URL: https://ae.sanoficonnect.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: https://ae.sanoficonnect.com

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 39

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	19
Entropy (8bit):	3.6818808028034042
Encrypted:	false
SSDEEP:	3:uZuUeZn:u5eZn
MD5:	595E88012A6521AAE3E12CBEBE76EB9E
SHA1:	DA3968197E7BF67AA45A77515B52BA2710C5FC34
SHA-256:	B16E15764B8BC06C5C3F9F19BC8B99FA48E7894AA5A6CCDAD65DA49BBF564793
SHA-512:	FD13C580D15CC5E8B87D97EAD633209930E00E85C113C776088E246B47F140EFE99BDF6AB02070677445DB65410F7E62EC23C71182F9F78E9D0E1B9F7FDA0DC3
Malicious:	false
Reputation:	low
URL:	https://ae.sanoficonnect.com/favicon.ico
Preview:	404 page not found.

Chrome Cache Entry: 40

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	19
Entropy (8bit):	3.6818808028034042
Encrypted:	false
SSDEEP:	3:uZuUeZn:u5eZn
MD5:	595E88012A6521AAE3E12CBEBE76EB9E
SHA1:	DA3968197E7BF67AA45A77515B52BA2710C5FC34
SHA-256:	B16E15764B8BC06C5C3F9F19BC8B99FA48E7894AA5A6CCDAD65DA49BBF564793
SHA-512:	FD13C580D15CC5E8B87D97EAD633209930E00E85C113C776088E246B47F140EFE99BDF6AB02070677445DB65410F7E62EC23C71182F9F78E9D0E1B9F7FDA0DC3
Malicious:	false
Reputation:	low
URL:	https://ae.sanoficonnect.com/
Preview:	404 page not found.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 25, 2024 23:33:39.972414017 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.972467899 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:39.972569942 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.972687006 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.972734928 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:39.972790003 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.972913027 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.972925901 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:39.973133087 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:39.973154068 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.306003094 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.306246996 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.306272984 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.307775021 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.307827950 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.308974981 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.309067011 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.309190035 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.309197903 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.311574936 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.311779976 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.311830044 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.313474894 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.313539982 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.315653086 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.315747976 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.362689972 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.362692118 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.362732887 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.410202980 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.721146107 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:41.721201897 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:41.721255064 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:41.721477985 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:41.721492052 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:41.798373938 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.798676014 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.798729897 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.799871922 CET	49736	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.799890995 CET	443	49736	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:41.842582941 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:41.883339882 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:42.228703976 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:42.229588032 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:42.229703903 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:42.231498957 CET	49735	443	192.168.2.4	34.102.239.211
Nov 25, 2024 23:33:42.231519938 CET	443	49735	34.102.239.211	192.168.2.4
Nov 25, 2024 23:33:42.953346014 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:42.953387022 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:42.953458071 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:42.955532074 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:42.955549955 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:43.516586065 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:43.552180052 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:43.552213907 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:43.555979967 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:43.556051970 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:43.558548927 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:43.558744907 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:43.609215975 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:43.609241009 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:43.656096935 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:44.434201956 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.434283018 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.438083887 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.438091040 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.438337088 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.479872942 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.527327061 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.967022896 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.967092037 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.967150927 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.967271090 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.967284918 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:44.967304945 CET	49740	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:44.967309952 CET	443	49740	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:45.004940033 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:45.005023003 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:45.005188942 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:45.005515099 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:45.005553007 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.430110931 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.430335045 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.431581974 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.431611061 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.431930065 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.433119059 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.479352951 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.959321976 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.959389925 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.959450006 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.960398912 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.960398912 CET	49741	443	192.168.2.4	23.218.208.109
Nov 25, 2024 23:33:46.960414886 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:46.960426092 CET	443	49741	23.218.208.109	192.168.2.4
Nov 25, 2024 23:33:50.506830931 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:50.506896973 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:50.506983995 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:50.508116961 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:50.508151054 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:52.275662899 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:52.275748014 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:52.278724909 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:52.278736115 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:52.278981924 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:52.328939915 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:53.191174984 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:53.191349030 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:53.191409111 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:53.980650902 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:54.023340940 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.127068996 CET	49739	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:33:54.127105951 CET	443	49739	142.250.181.100	192.168.2.4
Nov 25, 2024 23:33:54.566344976 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566373110 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566380024 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566390038 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566418886 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566457033 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:54.566477060 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.566498041 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:54.566518068 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:54.585781097 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.585855007 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:54.585860014 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:54.585899115 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:56.024488926 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:56.024535894 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:56.024549961 CET	49742	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:33:56.024557114 CET	443	49742	52.149.20.212	192.168.2.4
Nov 25, 2024 23:33:56.371304035 CET	49723	80	192.168.2.4	93.184.221.240
Nov 25, 2024 23:33:56.492037058 CET	80	49723	93.184.221.240	192.168.2.4
Nov 25, 2024 23:33:56.492094040 CET	49723	80	192.168.2.4	93.184.221.240
Nov 25, 2024 23:34:29.146821022 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:29.146872997 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:29.146990061 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:29.147330046 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:29.147342920 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:30.965231895 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:30.965409040 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:30.969253063 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:30.969263077 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:30.969593048 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:30.977550983 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.019330978 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.448240995 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.448270082 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.448292017 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.448338985 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.448354959 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.448395967 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.448395967 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.638839006 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.638873100 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.639055967 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.639071941 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.639121056 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.672149897 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.672179937 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.672252893 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.672261000 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.672293901 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.672313929 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.832287073 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.832318068 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.832407951 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.832420111 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.832463980 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.858668089 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.858697891 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.858763933 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.858772039 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.858797073 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.858815908 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.877928019 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.877959013 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.878051043 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.878060102 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.878109932 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.894619942 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.894643068 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.894686937 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.894694090 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:31.894720078 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:31.894740105 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.031681061 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.031703949 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.031769037 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.031780005 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.031830072 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.047923088 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.047940016 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.048023939 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.048031092 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.048078060 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.065104008 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.065119982 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.065188885 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.065196037 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.065231085 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.076317072 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.076339006 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.076431036 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.076441050 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.076486111 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.088011980 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.088049889 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.088083982 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.088090897 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.088133097 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.098547935 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.098565102 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.098676920 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.098684072 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.098732948 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.110399008 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.110519886 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.110642910 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.110722065 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.110739946 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.110750914 CET	49748	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.110757113 CET	443	49748	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.153861046 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.153882027 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.153889894 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.153942108 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.153964043 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.154031992 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.154196024 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.154205084 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.154285908 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.154310942 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.155493975 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.155522108 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.155575991 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.155679941 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.155695915 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.156704903 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.156740904 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.156788111 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.157306910 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.157350063 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.157397032 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.157458067 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.157480955 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.157542944 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:32.157560110 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:32.320904016 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:32.320959091 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:32.321028948 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:32.321446896 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:32.321461916 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:33.939100981 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.939471006 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.939994097 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.940006971 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.940022945 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.940051079 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.940186024 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.940428972 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.940438032 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.940500975 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.940515995 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.940696955 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.940725088 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:33.941051006 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:33.941056967 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.011197090 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.011748075 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.011785030 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.012186050 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.012200117 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.014214039 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.014480114 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.014506102 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.014836073 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.014843941 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.078557968 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.078660965 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.080261946 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.080271006 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.080477953 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.088813066 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.131337881 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.385092020 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385157108 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385210991 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385530949 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385530949 CET	49752	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385555983 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385570049 CET	443	49752	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385586977 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385659933 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385742903 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385869026 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385885000 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.385898113 CET	49750	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.385905981 CET	443	49750	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.388700008 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.388760090 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.388788939 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.388828993 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.388829947 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.388883114 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.388962984 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.388983965 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.389022112 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.389034986 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392410994 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392441034 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392491102 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.392503977 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392671108 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.392692089 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392724991 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.392829895 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392858028 CET	443	49753	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.392898083 CET	49753	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.394643068 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.394684076 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.394757986 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.394891977 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.394906998 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.454787970 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.454807043 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.454871893 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.454890013 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.454936981 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.455126047 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.455135107 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.455153942 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.455306053 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.455337048 CET	443	49751	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.455375910 CET	49751	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.457565069 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.457590103 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.457662106 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.457818985 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.457830906 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470298052 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470328093 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470386028 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.470405102 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470452070 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.470514059 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.470520020 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470541000 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.470717907 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470750093 CET	443	49749	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.470789909 CET	49749	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.472596884 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.472619057 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.472706079 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.472830057 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:34.472843885 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:34.784312010 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.784337997 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.784352064 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.784426928 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.784449100 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.784508944 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.822592020 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.822628975 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.822679043 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.822809935 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.822973013 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.822987080 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:34.822998047 CET	49754	443	192.168.2.4	52.149.20.212
Nov 25, 2024 23:34:34.823003054 CET	443	49754	52.149.20.212	192.168.2.4
Nov 25, 2024 23:34:36.106291056 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.107074976 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.107103109 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.107546091 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.107552052 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.230412960 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.230649948 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.230861902 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.230884075 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.231062889 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.231086016 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.231379986 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.231508017 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.231512070 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.231614113 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.231618881 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.231834888 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.231859922 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.232222080 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.232228041 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.348299026 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.348851919 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.348881006 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.349319935 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.349324942 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.627405882 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.627489090 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.627708912 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.627752066 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.627752066 CET	49756	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.627778053 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.627789021 CET	443	49756	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.630728960 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.630778074 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.630886078 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.631063938 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.631072998 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.743236065 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.743310928 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.743372917 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.743562937 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.743575096 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.743583918 CET	49758	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.743590117 CET	443	49758	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.746599913 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.746646881 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.746733904 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.746915102 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.746937037 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.752418995 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.752485991 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.752541065 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.752644062 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.752660990 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.752671957 CET	49757	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.752676964 CET	443	49757	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.754829884 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.754865885 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.754940987 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.755084038 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.755100965 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.758308887 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.758378029 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.758466005 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.758555889 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.758555889 CET	49755	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.758599997 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.758627892 CET	443	49755	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.760544062 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.760576010 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.760646105 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.760787010 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.760812044 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.793926001 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.794017076 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.794070959 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.794254065 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.794269085 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.794280052 CET	49759	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.794284105 CET	443	49759	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.796775103 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.796814919 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:36.796901941 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.797110081 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:36.797123909 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.345730066 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.346235037 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.346260071 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.346708059 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.346714973 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.526456118 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.526931047 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.526962996 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.527462006 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.527473927 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.543189049 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.543555021 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.543585062 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.543936014 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.543945074 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.567217112 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.567667961 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.567688942 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.568089962 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.568099976 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.586729050 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.587158918 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.587173939 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.587934017 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.587939978 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.780936003 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.781003952 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.781112909 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.781347990 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.781400919 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.781430960 CET	49760	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.781447887 CET	443	49760	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.784393072 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.784435987 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.784526110 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.784687042 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.784703970 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.970387936 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.970463037 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.970681906 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.970740080 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.970740080 CET	49761	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.970765114 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.970778942 CET	443	49761	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.973489046 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.973532915 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.973606110 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.973738909 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.973752975 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.987432957 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.987495899 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.987617970 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.987668037 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.987668037 CET	49762	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.987694979 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.987706900 CET	443	49762	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.989583015 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.989633083 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:38.989701986 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.989815950 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:38.989835024 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.011615992 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.011678934 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.011801004 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.011847973 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.011847973 CET	49763	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.011868000 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.011879921 CET	443	49763	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.013777018 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.013823986 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.013904095 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.014041901 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.014060974 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.030608892 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.030664921 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.030783892 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.031130075 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.031147957 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.031160116 CET	49764	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.031166077 CET	443	49764	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.033166885 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.033209085 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:39.033423901 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.033423901 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:39.033457994 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.564172029 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.564651012 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.564661026 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.565123081 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.565129042 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.768265963 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.768764019 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.768829107 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.769211054 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.769226074 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.795036077 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.795413017 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.795478106 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.795785904 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.795802116 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.810867071 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.811228037 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.811273098 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.811606884 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.811615944 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.819045067 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.819299936 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.819318056 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:40.819602966 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:40.819611073 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.009377956 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.009452105 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.009510040 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.009696960 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.009718895 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.009727955 CET	49766	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.009735107 CET	443	49766	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.012219906 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.012258053 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.012347937 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.012480021 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.012495995 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.213193893 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.213249922 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.213373899 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.213836908 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.213836908 CET	49768	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.213855028 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.213869095 CET	443	49768	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.216486931 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.216516972 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.216600895 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.216763973 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.216775894 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.239448071 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.239526033 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.239578009 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.239669085 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.239685059 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.239696980 CET	49769	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.239703894 CET	443	49769	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.241966009 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.242000103 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.242068052 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.242181063 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.242197037 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.254911900 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.254976034 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.255022049 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.255112886 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.255120039 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.255151033 CET	49770	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.255156994 CET	443	49770	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.256885052 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.256896973 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.257092953 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.257092953 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.257112980 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.272522926 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.272595882 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.272645950 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.272692919 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.272707939 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.272717953 CET	49767	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.272722006 CET	443	49767	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.274435043 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.274463892 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.274512053 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.274661064 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:41.274679899 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:41.547697067 CET	49724	80	192.168.2.4	93.184.221.240
Nov 25, 2024 23:34:41.642674923 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:41.642714977 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:41.642786980 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:41.643011093 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:41.643023014 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:41.668071032 CET	80	49724	93.184.221.240	192.168.2.4
Nov 25, 2024 23:34:41.668139935 CET	49724	80	192.168.2.4	93.184.221.240
Nov 25, 2024 23:34:42.795684099 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:42.796343088 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:42.796415091 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:42.796782970 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:42.796797991 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:42.963632107 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:42.964168072 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:42.964195967 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:42.964572906 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:42.964581013 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.036303997 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.036854029 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.036885977 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.037297010 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.037302017 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.056576967 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.056849003 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.056876898 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.057219028 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.057225943 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.061599970 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.061827898 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.061844110 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.062131882 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.062136889 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.290988922 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.291096926 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.291174889 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.291307926 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.291358948 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.291408062 CET	49771	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.291424990 CET	443	49771	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.294162035 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.294217110 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.294316053 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.294483900 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.294517040 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.380207062 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:43.380578995 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:43.380597115 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:43.380918980 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:43.381232977 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:43.381298065 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:43.397910118 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.397993088 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.398051023 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.398250103 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.398273945 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.398288965 CET	49773	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.398298025 CET	443	49773	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.401182890 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.401230097 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.401324034 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.401498079 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.401513100 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.422606945 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:43.481657982 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.481729984 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.481786966 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.481962919 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.481982946 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.482000113 CET	49774	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.482007980 CET	443	49774	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.484839916 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.484908104 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.485009909 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.485228062 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.485264063 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.515850067 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.515911102 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.516028881 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.516211033 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.516225100 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.516252995 CET	49772	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.516258001 CET	443	49772	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.518539906 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.518582106 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.518666983 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.518811941 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.518829107 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.611260891 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.611346960 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.611424923 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.611572027 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.611584902 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.611598015 CET	49775	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.611603022 CET	443	49775	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.614124060 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.614161015 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:43.614240885 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.614399910 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:43.614413977 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.139141083 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.139664888 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.139684916 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.140130043 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.140135050 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.252475977 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.253060102 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.253091097 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.253531933 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.253546000 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.276851892 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.277251959 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.277275085 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.277625084 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.277630091 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.298377037 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.298775911 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.298789024 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.299264908 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.299272060 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.401036978 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.401412010 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.401436090 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.401787043 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.401794910 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.595774889 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.595835924 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.595916986 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.596103907 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.596105099 CET	49777	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.596129894 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.596152067 CET	443	49777	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.599116087 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.599134922 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.599226952 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.599405050 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.599416971 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.705780029 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.705881119 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.705950975 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.706078053 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.706079006 CET	49778	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.706115961 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.706141949 CET	443	49778	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.708889008 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.708933115 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.709022999 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.709180117 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.709192991 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.721599102 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.721673012 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.721731901 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.721818924 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.721833944 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.721869946 CET	49779	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.721882105 CET	443	49779	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.723999023 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.724015951 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.724087954 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.724234104 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.724246025 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.775846958 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.776024103 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.776117086 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.776362896 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.776384115 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.776407003 CET	49780	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.776413918 CET	443	49780	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.779207945 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.779264927 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.779362917 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.779531956 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.779545069 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.868735075 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.868820906 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.868879080 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.869074106 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.869096041 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.869127035 CET	49781	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.869132996 CET	443	49781	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.871989965 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.872001886 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:45.872100115 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.872253895 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:45.872262955 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.379203081 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.379709005 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.379729986 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.380155087 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.380161047 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.491302013 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.491758108 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.491780043 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.492207050 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.492218018 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.497497082 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.497817039 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.497843027 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.498241901 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.498246908 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.573434114 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.573987007 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.574011087 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.574436903 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.574441910 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.651680946 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.652160883 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.652178049 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.652610064 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.652615070 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.823904991 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.823959112 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.824004889 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.824163914 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.824177027 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.824187994 CET	49782	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.824193001 CET	443	49782	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.827034950 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.827059984 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.827116013 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.827281952 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.827291012 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.933044910 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.933109045 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.933170080 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.933389902 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.933417082 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.933429003 CET	49785	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.933434963 CET	443	49785	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936314106 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936355114 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936440945 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936515093 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936589003 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936655045 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936654091 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936670065 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936750889 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936750889 CET	49783	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.936801910 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.936830997 CET	443	49783	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.938822985 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.938857079 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:47.938916922 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.939044952 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:47.939059019 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.036101103 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.036175966 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.036231995 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.036386013 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.036396980 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.036407948 CET	49784	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.036412954 CET	443	49784	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.038717985 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.038733959 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.038961887 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.038961887 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.038983107 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.100392103 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.100451946 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.100506067 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.100672960 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.100680113 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.100687981 CET	49786	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.100691080 CET	443	49786	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.102699041 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.102724075 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:48.102798939 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.102946043 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:48.102957964 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.609905958 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.619049072 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.619070053 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.619626045 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.619631052 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.785053015 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.785789013 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.785805941 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.786463976 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.786468029 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.788130999 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.788496017 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.788516045 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.789076090 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.789081097 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.822812080 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.823213100 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.823229074 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.823812962 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.823817015 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.882920980 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.883368969 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.883387089 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:49.883781910 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:49.883785963 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.058224916 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.058295012 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.058348894 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.058530092 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.058552980 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.058562040 CET	49787	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.058568001 CET	443	49787	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.061157942 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.061177015 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.061252117 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.061382055 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.061394930 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.239862919 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.239954948 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.240004063 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.240212917 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.240237951 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.240276098 CET	49788	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.240283966 CET	443	49788	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.242619991 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.242649078 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.242748022 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.242867947 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.242880106 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.243454933 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.243519068 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.243561983 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.243663073 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.243680954 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.243691921 CET	49789	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.243697882 CET	443	49789	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.245656013 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.245678902 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.245755911 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.245904922 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.245915890 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.268635988 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.268686056 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.268830061 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.269002914 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.269018888 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.269030094 CET	49790	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.269035101 CET	443	49790	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.271107912 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.271123886 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.271192074 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.271338940 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.271347046 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.327856064 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.327922106 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.328047991 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.328319073 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.328331947 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.328341007 CET	49791	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.328345060 CET	443	49791	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.330709934 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.330741882 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:50.330838919 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.330982924 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:50.331001043 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:51.779066086 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:51.779782057 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:51.779794931 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:51.780237913 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:51.780242920 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.038176060 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.038836002 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.038858891 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.039299011 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.039304018 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.045633078 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.045907021 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.045926094 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.046231031 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.046236992 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.114947081 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.115432978 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.115444899 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.115861893 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.115864992 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.126878977 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.127239943 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.127257109 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.127785921 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.127791882 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.230113983 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.230179071 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.230254889 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.230434895 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.230452061 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.230463028 CET	49792	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.230468035 CET	443	49792	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.233382940 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.233414888 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.233495951 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.233696938 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.233707905 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.513134003 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.513245106 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.513336897 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.513549089 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.513570070 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.513588905 CET	49794	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.513592958 CET	443	49794	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.516767979 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.516803980 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.516872883 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.517005920 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.517025948 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.555708885 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.555804014 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.555886984 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.556073904 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.556092978 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.556103945 CET	49793	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.556109905 CET	443	49793	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.558933020 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.558978081 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.559072971 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.559218884 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.559233904 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.619697094 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.619698048 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.619777918 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.619793892 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.619869947 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.619878054 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.620163918 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.620177031 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.620198965 CET	49795	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.620203972 CET	443	49795	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.620332003 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.620353937 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.620362997 CET	49796	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.620368004 CET	443	49796	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.623874903 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.623970985 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.624057055 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.624336958 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.624372959 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.624950886 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.625025988 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:52.625098944 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.625211954 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:52.625257015 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:53.106489897 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:53.106604099 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:53.106686115 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:54.052557945 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.053097963 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.053117037 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.053519011 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.053523064 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.126642942 CET	49776	443	192.168.2.4	142.250.181.100
Nov 25, 2024 23:34:54.126657009 CET	443	49776	142.250.181.100	192.168.2.4
Nov 25, 2024 23:34:54.294576883 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.295109987 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.295135021 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.295582056 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.295587063 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.362920046 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.363491058 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.363508940 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.363940001 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.363945961 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.404798031 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.405200958 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.405234098 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.405586958 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.405601978 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.412148952 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.412456989 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.412502050 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.412859917 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.412873983 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.498945951 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.499007940 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.499044895 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.499229908 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.499229908 CET	49797	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.499248981 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.499258041 CET	443	49797	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.502031088 CET	49802	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.502115965 CET	443	49802	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.502199888 CET	49802	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.502373934 CET	49802	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.502412081 CET	443	49802	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.730854034 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.730918884 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.730971098 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.731250048 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.731267929 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.731283903 CET	49799	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.731297970 CET	443	49799	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.733808994 CET	49803	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.733908892 CET	443	49803	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.733987093 CET	49803	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.734127045 CET	49803	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.734164000 CET	443	49803	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.816281080 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.816369057 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.816415071 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.816675901 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.816699028 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.816735983 CET	49798	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.816744089 CET	443	49798	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.819403887 CET	49804	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.819437981 CET	443	49804	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.819518089 CET	49804	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.819766045 CET	49804	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.819777966 CET	443	49804	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860310078 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860394955 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860400915 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860471010 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860486031 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860538960 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860657930 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860658884 CET	49800	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860688925 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860704899 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860733986 CET	443	49800	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860748053 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.860768080 CET	49801	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.860783100 CET	443	49801	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.863549948 CET	49806	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863545895 CET	49805	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863564014 CET	443	49806	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.863642931 CET	443	49805	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.863723040 CET	49806	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863862991 CET	49806	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863871098 CET	49805	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863874912 CET	443	49806	13.107.246.63	192.168.2.4
Nov 25, 2024 23:34:54.863951921 CET	49805	443	192.168.2.4	13.107.246.63
Nov 25, 2024 23:34:54.863976955 CET	443	49805	13.107.246.63	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 25, 2024 23:33:38.004681110 CET	53	57383	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:38.006366968 CET	53	59247	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:39.394855022 CET	65307	53	192.168.2.4	1.1.1.1
Nov 25, 2024 23:33:39.398013115 CET	59358	53	192.168.2.4	1.1.1.1
Nov 25, 2024 23:33:39.969067097 CET	53	59358	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:39.969528913 CET	53	65307	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:40.766326904 CET	53	59248	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:41.580929041 CET	60413	53	192.168.2.4	1.1.1.1
Nov 25, 2024 23:33:41.581187963 CET	65123	53	192.168.2.4	1.1.1.1
Nov 25, 2024 23:33:41.720060110 CET	53	60413	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:41.720124960 CET	53	65123	1.1.1.1	192.168.2.4
Nov 25, 2024 23:33:53.119530916 CET	138	138	192.168.2.4	192.168.2.255
Nov 25, 2024 23:33:57.780381918 CET	53	54495	1.1.1.1	192.168.2.4
Nov 25, 2024 23:34:16.594332933 CET	53	56176	1.1.1.1	192.168.2.4
Nov 25, 2024 23:34:37.356065989 CET	53	62372	1.1.1.1	192.168.2.4
Nov 25, 2024 23:34:39.265899897 CET	53	56151	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Nov 25, 2024 23:33:39.394855022 CET	192.168.2.4	1.1.1.1	0x6447	Standard query (0)	ae.sanoficonnect.com	A (IP address)	IN (0x0001)	false
Nov 25, 2024 23:33:39.398013115 CET	192.168.2.4	1.1.1.1	0xd26c	Standard query (0)	ae.sanoficonnect.com	65	IN (0x0001)	false
Nov 25, 2024 23:33:41.580929041 CET	192.168.2.4	1.1.1.1	0xb9b4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Nov 25, 2024 23:33:41.581187963 CET	192.168.2.4	1.1.1.1	0xc5c6	Standard query (0)	www.google.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Nov 25, 2024 23:33:39.969067097 CET	1.1.1.1	192.168.2.4	0xd26c	No error (0)	ae.sanoficonnect.com	mailgun.org		CNAME (Canonical name)	IN (0x0001)	false
Nov 25, 2024 23:33:39.969528913 CET	1.1.1.1	192.168.2.4	0x6447	No error (0)	ae.sanoficonnect.com	mailgun.org		CNAME (Canonical name)	IN (0x0001)	false
Nov 25, 2024 23:33:39.969528913 CET	1.1.1.1	192.168.2.4	0x6447	No error (0)	mailgun.org		34.102.239.211	A (IP address)	IN (0x0001)	false
Nov 25, 2024 23:33:41.720060110 CET	1.1.1.1	192.168.2.4	0xb9b4	No error (0)	www.google.com		142.250.181.100	A (IP address)	IN (0x0001)	false
Nov 25, 2024 23:33:41.720124960 CET	1.1.1.1	192.168.2.4	0xc5c6	No error (0)	www.google.com			65	IN (0x0001)	false

HTTP Request Dependency Graph

ae.sanoficonnect.com

https:

fs.microsoft.com

slscr.update.microsoft.com

otelrules.azureedge.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49736	34.102.239.211	443	2300	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:33:41 UTC	663	OUT	GET / HTTP/1.1 Host: ae.sanoficonnect.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-11-25 22:33:41 UTC	176	IN	HTTP/1.1 404 Not Found Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Mon, 25 Nov 2024 22:33:41 GMT X-Content-Type-Options: nosniff Connection: close
2024-11-25 22:33:41 UTC	19	IN	Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49735	34.102.239.211	443	2300	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:33:41 UTC	596	OUT	GET /favicon.ico HTTP/1.1 Host: ae.sanoficonnect.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ae.sanoficonnect.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-11-25 22:33:42 UTC	176	IN	HTTP/1.1 404 Not Found Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Mon, 25 Nov 2024 22:33:42 GMT X-Content-Type-Options: nosniff Connection: close
2024-11-25 22:33:42 UTC	19	IN	Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49740	23.218.208.109	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:33:44 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-11-25 22:33:44 UTC	478	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Server: Kestrel ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-OSID: 2 X-CID: 2 X-CCC: GB Cache-Control: public, max-age=39587 Date: Mon, 25 Nov 2024 22:33:44 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49741	23.218.208.109	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:33:46 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-11-25 22:33:46 UTC	534	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=39563 Date: Mon, 25 Nov 2024 22:33:46 GMT Content-Length: 55 Connection: close X-CID: 2
2024-11-25 22:33:46 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49742	52.149.20.212	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:33:53 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VSGvXaLnbotPApD&MD=3g9VH8KX HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-11-25 22:33:54 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: bc951b0f-8311-4bd0-a1dc-30b9f425e9e3 MS-RequestId: 38340e17-d056-460b-ba85-c5419057ddc1 MS-CV: FvEBNL8BcUqKUGDQ.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Mon, 25 Nov 2024 22:33:53 GMT Connection: close Content-Length: 24490
2024-11-25 22:33:54 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-11-25 22:33:54 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port
5	192.168.2.4	49748	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:30 UTC	195	OUT	GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:31 UTC	471	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:31 GMT Content-Type: text/plain Content-Length: 218853 Connection: close Vary: Accept-Encoding Cache-Control: public Last-Modified: Sat, 23 Nov 2024 12:15:37 GMT ETag: "0x8DD0BB889D4282C" x-ms-request-id: 19b35b80-c01e-0049-150a-3eac27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223431Z-15b8b599d88l2dpthC1TEBmzr000000006f000000000hf65 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:31 UTC	15913	IN	Data Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20 Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20 Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
2024-11-25 22:34:31 UTC	16384	IN	Data Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
2024-11-25 22:34:32 UTC	16384	IN	Data Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
2024-11-25 22:34:32 UTC	16384	IN	Data Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
2024-11-25 22:34:32 UTC	16384	IN	Data Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.4	49750	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:33 UTC	192	OUT	GET /rules/rule224902v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:34 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:34 GMT Content-Type: text/xml Content-Length: 450 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT ETag: "0x8DC582BD4C869AE" x-ms-request-id: 97edb58e-001e-00a2-13a4-3ed4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223434Z-178bfbc474btvfdfhC1NYCa2en0000000880000000004md3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:34 UTC	450	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN

Session ID	Source IP	Source Port	Destination IP	Destination Port
7	192.168.2.4	49752	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:33 UTC	192	OUT	GET /rules/rule120609v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:34 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:34 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB56D3AFB" x-ms-request-id: 2eed8dc4-701e-0098-0dc6-3e395f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223434Z-178bfbc474b7cbwqhC1NYC8z4n000000083g000000000v4v x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:34 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
8	192.168.2.4	49753	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:33 UTC	192	OUT	GET /rules/rule120608v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:34 UTC	494	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:34 GMT Content-Type: text/xml Content-Length: 2160 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA3B95D81" x-ms-request-id: 2bdd5943-e01e-0052-493a-3dd9df000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223434Z-178bfbc474brk967hC1NYCfu6000000007z00000000040s1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:34 UTC	2160	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
9	192.168.2.4	49749	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:34 UTC	193	OUT	GET /rules/rule120402v21s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:34 UTC	494	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:34 GMT Content-Type: text/xml Content-Length: 3788 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC2126A6" x-ms-request-id: 6cd4c015-001e-0028-29fd-3ec49f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223434Z-174c587ffdfcj798hC1TEB9bq400000006r000000000ecm3 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:34 UTC	3788	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.4	49751	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:34 UTC	192	OUT	GET /rules/rule120600v4s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:34 UTC	494	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:34 GMT Content-Type: text/xml Content-Length: 2980 Connection: close Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: d4aa3518-701e-0098-625d-3c395f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223434Z-15b8b599d882hxlwhC1TEBfa5w00000006d000000000h9gc x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:34 UTC	2980	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49754	52.149.20.212	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:34 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VSGvXaLnbotPApD&MD=3g9VH8KX HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-11-25 22:34:34 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: cf6b19a7-a7df-4f20-af4e-fd18bc570405 MS-RequestId: ccc3280d-2b91-4639-bccd-78371f5498bb MS-CV: i/63GLllpUODRSTQ.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Mon, 25 Nov 2024 22:34:34 GMT Connection: close Content-Length: 30005
2024-11-25 22:34:34 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-11-25 22:34:34 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.4	49756	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:36 UTC	192	OUT	GET /rules/rule120611v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:36 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:36 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT ETag: "0x8DC582B9F6F3512" x-ms-request-id: 51fbd25c-e01e-0020-5e4d-3cde90000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223436Z-15b8b599d88vp97chC1TEB5pzw00000006m0000000006w8c x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:36 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.4	49757	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:36 UTC	192	OUT	GET /rules/rule120612v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:36 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:36 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT ETag: "0x8DC582BB10C598B" x-ms-request-id: 9b21b011-b01e-0021-05fc-3ecab7000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223436Z-174c587ffdf4zw2thC1TEBu34000000006hg00000000u0d9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:36 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.4	49755	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:36 UTC	192	OUT	GET /rules/rule120610v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:36 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:36 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT ETag: "0x8DC582B9964B277" x-ms-request-id: 65361fd5-201e-0033-283f-3cb167000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223436Z-15b8b599d8885prmhC1TEBsnkw00000006p000000000eqfa x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:36 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.4	49758	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:36 UTC	192	OUT	GET /rules/rule120613v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:36 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:36 GMT Content-Type: text/xml Content-Length: 632 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6E3779E" x-ms-request-id: dbeb181e-a01e-0050-28df-3ddb6e000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223436Z-15b8b599d885ffrhhC1TEBtuv000000006pg000000007138 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:36 UTC	632	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]\|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.4	49759	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:36 UTC	192	OUT	GET /rules/rule120614v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:36 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:36 GMT Content-Type: text/xml Content-Length: 467 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6C038BC" x-ms-request-id: 6e49b968-201e-006e-4441-3ebbe3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223436Z-174c587ffdfmrvb9hC1TEBtn3800000006h000000000kfas x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:36 UTC	467	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.4	49760	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:38 UTC	192	OUT	GET /rules/rule120615v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:38 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:38 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT ETag: "0x8DC582BBAD04B7B" x-ms-request-id: c38a0343-101e-008e-38bf-3ecf88000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223438Z-178bfbc474bbbqrhhC1NYCvw74000000085g00000000n9d9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:38 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.4	49761	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:38 UTC	192	OUT	GET /rules/rule120616v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:38 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:38 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB344914B" x-ms-request-id: eb1ded04-b01e-0097-298c-3a4f33000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223438Z-174c587ffdfb5q56hC1TEB04kg00000006d000000000qaqw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:38 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.4	49762	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:38 UTC	192	OUT	GET /rules/rule120617v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:38 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:38 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT ETag: "0x8DC582BA310DA18" x-ms-request-id: b101f067-f01e-0020-26b7-3e956b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223438Z-178bfbc474bscnbchC1NYCe7eg000000086000000000kc2b x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:38 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
20	192.168.2.4	49763	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:38 UTC	192	OUT	GET /rules/rule120618v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:39 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:38 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT ETag: "0x8DC582B9018290B" x-ms-request-id: aff2abcc-f01e-0003-4547-3c4453000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223438Z-178bfbc474bh5zbqhC1NYCkdug000000080g00000000d8x8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:39 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
21	192.168.2.4	49764	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:38 UTC	192	OUT	GET /rules/rule120619v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:39 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:38 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT ETag: "0x8DC582B9698189B" x-ms-request-id: a69f297f-901e-002a-244c-3c7a27000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223438Z-15b8b599d886w4hzhC1TEBb4ug00000006g000000000sfc2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:39 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
22	192.168.2.4	49766	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:40 UTC	192	OUT	GET /rules/rule120620v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:41 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:40 GMT Content-Type: text/xml Content-Length: 469 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT ETag: "0x8DC582BBA701121" x-ms-request-id: 154b25de-a01e-006f-2503-3e13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223440Z-178bfbc474bmqmgjhC1NYCy16c000000085g00000000anc7 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:41 UTC	469	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
23	192.168.2.4	49768	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:40 UTC	192	OUT	GET /rules/rule120622v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:41 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:41 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8CEAC16" x-ms-request-id: 76a157b4-e01e-00aa-258c-3aceda000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223441Z-174c587ffdfb5q56hC1TEB04kg00000006f000000000ewmz x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:41 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.4	49769	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:40 UTC	192	OUT	GET /rules/rule120623v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:41 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:41 GMT Content-Type: text/xml Content-Length: 464 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97FB6C3C" x-ms-request-id: 3257ccc0-201e-005d-19b5-3eafb3000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223441Z-178bfbc474bxkclvhC1NYC69g400000007yg00000000nb64 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:41 UTC	464	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor

Session ID	Source IP	Source Port	Destination IP	Destination Port
25	192.168.2.4	49770	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:40 UTC	192	OUT	GET /rules/rule120624v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:41 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:41 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB7010D66" x-ms-request-id: 6d18d387-b01e-003d-2b07-3fd32c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223441Z-15b8b599d886w4hzhC1TEBb4ug00000006hg00000000mf8r x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:41 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
26	192.168.2.4	49767	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:40 UTC	192	OUT	GET /rules/rule120621v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:41 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:41 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA41997E3" x-ms-request-id: ba5d631a-801e-0047-14d1-3e7265000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223441Z-178bfbc474bv587zhC1NYCny5w000000080g0000000065a2 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:41 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
27	192.168.2.4	49771	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:42 UTC	192	OUT	GET /rules/rule120625v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:43 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:43 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT ETag: "0x8DC582B9748630E" x-ms-request-id: ca5e5154-001e-0014-4e4e-3c5151000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223443Z-15b8b599d88tr2flhC1TEB5gk400000006mg00000000kksd x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:43 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
28	192.168.2.4	49773	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:42 UTC	192	OUT	GET /rules/rule120627v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:43 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:43 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT ETag: "0x8DC582B9E8EE0F3" x-ms-request-id: 4ec414f5-001e-0046-5fa0-3bda4b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223443Z-174c587ffdfmrvb9hC1TEBtn3800000006f000000000v1s1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:43 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.4	49774	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:43 UTC	192	OUT	GET /rules/rule120628v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:43 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:43 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C8E04C8" x-ms-request-id: 6ea5360a-801e-002a-4904-3e31dc000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223443Z-178bfbc474bmqmgjhC1NYCy16c000000082g00000000nf3k x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:43 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.4	49775	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:43 UTC	192	OUT	GET /rules/rule120629v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:43 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:43 GMT Content-Type: text/xml Content-Length: 428 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC4F34CA" x-ms-request-id: 876ff6fa-901e-00a0-47eb-3d6a6d000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223443Z-178bfbc474bxkclvhC1NYC69g4000000081000000000b5nk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:43 UTC	428	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.4	49772	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:43 UTC	192	OUT	GET /rules/rule120626v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:43 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:43 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DACDF62" x-ms-request-id: 2b92647c-c01e-00a2-646f-3b2327000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223443Z-174c587ffdf6b487hC1TEBydsn00000006eg00000000kx84 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:43 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
32	192.168.2.4	49777	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:45 UTC	192	OUT	GET /rules/rule120630v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:45 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:45 GMT Content-Type: text/xml Content-Length: 499 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT ETag: "0x8DC582B98CEC9F6" x-ms-request-id: 8157cc8d-f01e-0003-1961-3b4453000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223445Z-178bfbc474b7cbwqhC1NYC8z4n0000000830000000002hay x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:45 UTC	499	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
33	192.168.2.4	49778	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:45 UTC	192	OUT	GET /rules/rule120631v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:45 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:45 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B988EBD12" x-ms-request-id: a839412a-a01e-0032-5a3c-3d1949000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223445Z-15b8b599d889fz52hC1TEB59as00000006p0000000000fw6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:45 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
34	192.168.2.4	49779	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:45 UTC	192	OUT	GET /rules/rule120632v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:45 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:45 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB5815C4C" x-ms-request-id: 12cef178-a01e-0070-7e6c-3d573b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223445Z-174c587ffdfx984chC1TEB676g00000006ng000000003u7x x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:45 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.4	49780	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:45 UTC	192	OUT	GET /rules/rule120633v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:45 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:45 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB32BB5CB" x-ms-request-id: e1811c2a-201e-00aa-06c6-3e3928000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223445Z-178bfbc474bp8mkvhC1NYCzqnn00000007v000000000nxze x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:45 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
36	192.168.2.4	49781	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:45 UTC	192	OUT	GET /rules/rule120634v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:45 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:45 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8972972" x-ms-request-id: 52ac3eb7-c01e-0079-7e4e-3ce51a000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223445Z-15b8b599d882hxlwhC1TEBfa5w00000006f000000000ay4d x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:45 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
37	192.168.2.4	49782	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:47 UTC	192	OUT	GET /rules/rule120635v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:47 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:47 GMT Content-Type: text/xml Content-Length: 420 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT ETag: "0x8DC582B9DAE3EC0" x-ms-request-id: 2160d4c7-701e-0021-5913-3d3d45000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223447Z-178bfbc474bv7whqhC1NYC1fg40000000850000000004zpp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:47 UTC	420	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O

Session ID	Source IP	Source Port	Destination IP	Destination Port
38	192.168.2.4	49783	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:47 UTC	192	OUT	GET /rules/rule120636v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:47 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:47 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT ETag: "0x8DC582B9D43097E" x-ms-request-id: 413a5bf0-401e-0035-1ab5-3e82d8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223447Z-178bfbc474bvjk8shC1NYC83ns00000007v000000000qnzw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:47 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
39	192.168.2.4	49785	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:47 UTC	192	OUT	GET /rules/rule120638v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:47 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:47 GMT Content-Type: text/xml Content-Length: 486 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT ETag: "0x8DC582B92FCB436" x-ms-request-id: d6db62af-701e-0097-3243-3db8c1000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223447Z-15b8b599d88phfhnhC1TEBr51n00000006qg00000000a7t1 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:47 UTC	486	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
40	192.168.2.4	49784	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:47 UTC	192	OUT	GET /rules/rule120637v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:48 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:47 GMT Content-Type: text/xml Content-Length: 427 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT ETag: "0x8DC582BA909FA21" x-ms-request-id: 5532245b-c01e-00ad-0e6f-3da2b9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223447Z-174c587ffdfn4nhwhC1TEB2nbc00000006q0000000007qf8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:48 UTC	427	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"

Session ID	Source IP	Source Port	Destination IP	Destination Port
41	192.168.2.4	49786	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:47 UTC	192	OUT	GET /rules/rule120639v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:48 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:47 GMT Content-Type: text/xml Content-Length: 423 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT ETag: "0x8DC582BB7564CE8" x-ms-request-id: 79f6ed77-701e-0021-554e-3c3d45000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223447Z-15b8b599d882hxlwhC1TEBfa5w00000006c000000000p74e x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:48 UTC	423	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0

Session ID	Source IP	Source Port	Destination IP	Destination Port
42	192.168.2.4	49787	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:49 UTC	192	OUT	GET /rules/rule120640v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:50 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:49 GMT Content-Type: text/xml Content-Length: 478 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT ETag: "0x8DC582B9B233827" x-ms-request-id: c2388785-401e-0048-0e03-3e0409000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223449Z-178bfbc474bpnd5vhC1NYC4vr400000007z000000000td8h x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:50 UTC	478	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
43	192.168.2.4	49788	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:49 UTC	192	OUT	GET /rules/rule120641v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:50 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:50 GMT Content-Type: text/xml Content-Length: 404 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT ETag: "0x8DC582B95C61A3C" x-ms-request-id: 6056d4b9-d01e-002b-71bf-3e25fb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223450Z-178bfbc474btrnf9hC1NYCb80g000000086000000000mwf5 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:50 UTC	404	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S

Session ID	Source IP	Source Port	Destination IP	Destination Port
44	192.168.2.4	49789	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:49 UTC	192	OUT	GET /rules/rule120642v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:50 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:50 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT ETag: "0x8DC582BB046B576" x-ms-request-id: 414c800a-401e-0035-7cbf-3e82d8000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223450Z-178bfbc474bp8mkvhC1NYCzqnn00000007zg000000006v6u x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:50 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
45	192.168.2.4	49790	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:49 UTC	192	OUT	GET /rules/rule120643v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:50 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:50 GMT Content-Type: text/xml Content-Length: 400 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2D62837" x-ms-request-id: 069344af-301e-0020-09c0-3e6299000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223450Z-178bfbc474b9xljthC1NYCtw9400000007zg00000000ebmk x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:50 UTC	400	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="

Session ID	Source IP	Source Port	Destination IP	Destination Port
46	192.168.2.4	49791	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:49 UTC	192	OUT	GET /rules/rule120644v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:50 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:50 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7D702D0" x-ms-request-id: c24f93c3-601e-00ab-62a8-3e66f4000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223450Z-178bfbc474bnwsh4hC1NYC2ubs000000087g000000004kb6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:50 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
47	192.168.2.4	49792	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:51 UTC	192	OUT	GET /rules/rule120645v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:52 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:52 GMT Content-Type: text/xml Content-Length: 425 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT ETag: "0x8DC582BBA25094F" x-ms-request-id: 97f3364e-001e-00a2-6ca6-3ed4d5000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223452Z-178bfbc474bv7whqhC1NYC1fg4000000083000000000cmz6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:52 UTC	425	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=

Session ID	Source IP	Source Port	Destination IP	Destination Port
48	192.168.2.4	49794	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:52 UTC	192	OUT	GET /rules/rule120647v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:52 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:52 GMT Content-Type: text/xml Content-Length: 448 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT ETag: "0x8DC582BB389F49B" x-ms-request-id: e14f358b-d01e-007a-5d7e-3ff38c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223452Z-178bfbc474b9xljthC1NYCtw94000000080000000000c2ey x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:52 UTC	448	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>

Session ID	Source IP	Source Port	Destination IP	Destination Port
49	192.168.2.4	49793	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:52 UTC	192	OUT	GET /rules/rule120646v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:52 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:52 GMT Content-Type: text/xml Content-Length: 475 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT ETag: "0x8DC582BB2BE84FD" x-ms-request-id: eb55dd92-f01e-0020-3d6a-3c956b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223452Z-174c587ffdfmrvb9hC1TEBtn3800000006ng000000004hqp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:52 UTC	475	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
50	192.168.2.4	49795	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:52 UTC	192	OUT	GET /rules/rule120648v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:52 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:52 GMT Content-Type: text/xml Content-Length: 491 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B98B88612" x-ms-request-id: 2abfc2a9-b01e-003d-094d-3cd32c000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223452Z-15b8b599d88wn9hhhC1TEBry0g00000006gg00000000qeev x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:52 UTC	491	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
51	192.168.2.4	49796	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:52 UTC	192	OUT	GET /rules/rule120649v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:52 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:52 GMT Content-Type: text/xml Content-Length: 416 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT ETag: "0x8DC582BAEA4B445" x-ms-request-id: 9177d9ad-001e-0028-350e-3dc49f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223452Z-178bfbc474btvfdfhC1NYCa2en000000085g00000000b0sw x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:52 UTC	416	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr

Session ID	Source IP	Source Port	Destination IP	Destination Port
52	192.168.2.4	49797	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:54 UTC	192	OUT	GET /rules/rule120650v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:54 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:54 GMT Content-Type: text/xml Content-Length: 479 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT ETag: "0x8DC582B989EE75B" x-ms-request-id: f47ed088-401e-0029-7f4d-3c9b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223454Z-15b8b599d88qw29phC1TEB5zag00000006eg00000000q5af x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:54 UTC	479	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
53	192.168.2.4	49799	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:54 UTC	192	OUT	GET /rules/rule120652v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:54 UTC	491	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:54 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97E6FCDD" x-ms-request-id: ab08a593-601e-0084-565b-3f6b3f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223454Z-178bfbc474brk967hC1NYCfu6000000007w000000000d33f x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-25 22:34:54 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
54	192.168.2.4	49798	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:54 UTC	192	OUT	GET /rules/rule120651v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:54 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:54 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: 4ec76ea5-a01e-006f-014e-3c13cd000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223454Z-178bfbc474btrnf9hC1NYCb80g000000086g00000000habr x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:54 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port
55	192.168.2.4	49800	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:54 UTC	192	OUT	GET /rules/rule120653v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:54 UTC	491	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:54 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT ETag: "0x8DC582B9C710B28" x-ms-request-id: 6f513ac2-b01e-001e-03ed-3e0214000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223454Z-174c587ffdfmrvb9hC1TEBtn3800000006k000000000ez8m x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-25 22:34:54 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
56	192.168.2.4	49801	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:54 UTC	192	OUT	GET /rules/rule120654v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:54 UTC	491	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:54 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT ETag: "0x8DC582BA54DCC28" x-ms-request-id: 40c83c0a-001e-00ad-1e79-3b554b000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223454Z-174c587ffdf4zw2thC1TEBu34000000006ng00000000d3nm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT X-Cache-Info: L1_T2 Accept-Ranges: bytes
2024-11-25 22:34:54 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
57	192.168.2.4	49804	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:56 UTC	192	OUT	GET /rules/rule120657v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:56 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:56 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT ETag: "0x8DC582B9FF95F80" x-ms-request-id: 1e280d2f-401e-0029-0d7f-3b9b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223456Z-174c587ffdf89smkhC1TEB697s00000006mg00000000grrp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:56 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
58	192.168.2.4	49802	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:56 UTC	192	OUT	GET /rules/rule120655v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:56 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:56 GMT Content-Type: text/xml Content-Length: 419 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT ETag: "0x8DC582BB7F164C3" x-ms-request-id: b8b6ef80-e01e-0051-723f-3e84b2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223456Z-15b8b599d885ffrhhC1TEBtuv000000006m000000000gcxt x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:56 UTC	419	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=

Session ID	Source IP	Source Port	Destination IP	Destination Port
59	192.168.2.4	49803	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:56 UTC	192	OUT	GET /rules/rule120656v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:56 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:56 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT ETag: "0x8DC582BA48B5BDD" x-ms-request-id: 2309915e-d01e-0014-6179-3eed58000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223456Z-15b8b599d882hxlwhC1TEBfa5w00000006eg00000000ddg7 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:56 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
60	192.168.2.4	49805	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:56 UTC	192	OUT	GET /rules/rule120658v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:57 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:56 GMT Content-Type: text/xml Content-Length: 472 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT ETag: "0x8DC582BB650C2EC" x-ms-request-id: 0a397e49-e01e-0051-357f-3b84b2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223456Z-174c587ffdfb485jhC1TEBmc1s00000006g0000000000n68 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:57 UTC	472	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
61	192.168.2.4	49806	13.107.246.63	443

Timestamp	Bytes transferred	Direction	Data
2024-11-25 22:34:56 UTC	192	OUT	GET /rules/rule120659v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-11-25 22:34:57 UTC	470	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 22:34:56 GMT Content-Type: text/xml Content-Length: 468 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT ETag: "0x8DC582BB3EAF226" x-ms-request-id: b855c3e2-e01e-0051-540f-3e84b2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241125T223456Z-15b8b599d88s6mj9hC1TEBur3000000006e0000000006tzf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-11-25 22:34:57 UTC	468	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 5172, Parent PID: 5224

General

Target ID:	0
Start time:	17:33:33
Start date:	25/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 2300, Parent PID: 5172

General

Target ID:	2
Start time:	17:33:35
Start date:	25/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1904,i,6121546976876511642,420334715097434302,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6316, Parent PID: 5224

General

Target ID:	3
Start time:	17:33:38
Start date:	25/11/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ae.sanoficonnect.com/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://ae.sanoficonnect.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 39

Chrome Cache Entry: 40

Static File Info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Statistics

CPU Usage

Memory Usage

Behavior

System Behavior

Analysis Process: chrome.exePID: 5172, Parent PID: 5224

General

Chronological Activities

Analysis Process: chrome.exePID: 2300, Parent PID: 5172

General

Chronological Activities

Analysis Process: chrome.exePID: 6316, Parent PID: 5224

General

Chronological Activities

Disassembly

Windows Analysis Report
https://ae.sanoficonnect.com/