Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==

Overview

General Information

Sample URL:http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==
Analysis ID:1562778
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5932 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4080 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1548,i,9335674428999715768,9469686532170757699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6296 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==Avira URL Cloud: detection malicious, Label: malware
Multi AV Scanner detection for submitted file
Source: http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==Virustotal: Detection: 8%Perma Link
Source: http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 2.16.149.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.16.149.153
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknownTCP traffic detected without corresponding DNS query: 172.202.163.200
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=264Utm2bk8rKkTB&MD=l8DaBm2+ HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=264Utm2bk8rKkTB&MD=l8DaBm2+ HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA== HTTP/1.1Host: nxsnsstwhbaf.apexhallechuca.com.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: nxsnsstwhbaf.apexhallechuca.com.auConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: nxsnsstwhbaf.apexhallechuca.com.au
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Tue, 26 Nov 2024 00:22:15 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedVary: Accept-EncodingContent-Encoding: gzipData Raw: 66 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 bd 4e 03 31 10 84 7b 3f c5 92 86 06 e2 f0 53 5a 96 20 77 11 91 02 a4 38 8a 94 8e bd 8a 2d dd d9 17 7b 4d 74 6f 8f 7d a1 80 72 67 bf d1 cc ae b8 69 3e d7 dd 61 df c2 5b f7 be 83 fd d7 eb 6e bb 86 c5 3d e7 db b6 db 70 de 74 cd 75 f3 b8 5c 71 de 7e 2c 24 13 96 86 5e 0a 8b ca 94 81 1c f5 28 9f 57 4f b0 09 f1 e8 8c 41 2f f8 55 64 82 cf 90 38 06 33 55 df 83 fc c3 94 89 89 51 1e 42 06 13 fc 2d 81 55 df 08 23 c6 c1 a5 e4 82 07 0a a0 b4 c6 94 80 ac 4b 10 31 85 1c 35 2e 05 1f 67 e7 8b 31 8e 0a a8 fa 7e ba 03 05 ff 3a 30 8c 31 44 b8 a8 04 e8 75 c8 9e 30 a2 81 8b 75 3d 02 c5 c9 f9 53 0d c8 09 41 79 68 2b dc 04 9d 07 f4 54 75 ab bc a9 a0 c5 92 7b ce 98 e8 37 96 cf b7 94 f6 f5 07 ec 07 00 3e d4 86 3e 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: f7UN1{?SZ w8-{Mto}rgi>a[n=ptu\q~,$^(WOA/Ud83UQB-U#K15.g1~:01Du0u=SAyh+Tu{7>>0
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: classification engineClassification label: mal56.win@16/4@4/4
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1548,i,9335674428999715768,9469686532170757699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA=="
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1548,i,9335674428999715768,9469686532170757699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==100%Avira URL Cloudmalware
http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==8%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://nxsnsstwhbaf.apexhallechuca.com.au/favicon.ico0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
nxsnsstwhbaf.apexhallechuca.com.au
203.170.87.17
truefalse
    		high
    www.google.com
    		142.250.181.100
    		truefalse
      		high

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      http://nxsnsstwhbaf.apexhallechuca.com.au/favicon.icofalse
      • Avira URL Cloud: safe
      		unknown
      http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==true
        		unknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        203.170.87.17
        		nxsnsstwhbaf.apexhallechuca.com.auAustralia
        		38719DREAMSCAPE-AS-APDreamscapeNetworksLimitedAUfalse
        239.255.255.250
        		unknownReserved
        		unknownunknownfalse
        142.250.181.100
        		www.google.comUnited States
        		15169GOOGLEUSfalse

        Private

        IP
        192.168.2.4

        General Information

        Joe Sandbox version:41.0.0 Charoite
        Analysis ID:1562778
        Start date and time:2024-11-26 01:21:19 +01:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 2m 38s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:7
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:MAL
        Classification:mal56.win@16/4@4/4

        Warnings

        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 74.125.205.84, 172.217.17.46, 172.217.19.227, 34.104.35.123, 2.20.68.210, 192.229.221.95, 172.217.17.35
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, ocsp.digicert.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, otelrules.azureedge.net, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
        • Not all processes where analyzed, report is missing behavior information
        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

        Simulations

        Behavior and APIs

        No simulations

        Joe Sandbox View / Context

        IPs

        No context

        Domains

        No context

        ASNs

        No context

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        Chrome Cache Entry: 40

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:HTML document, ASCII text
        Category:downloaded
        Size (bytes):675
        Entropy (8bit):4.801795188931319
        Encrypted:false
        SSDEEP:12:J0+ox0UDWsRGDW8hsw4Aox1WR3oKcOg9DXtmIrgvRMKiSQe9uE7F50vIqUDWvjsq:yiUDWsYDWus/q3oKc9Xt+vEHK50vZUD4
        MD5:83D7C5CFFB5C6A92433D10733EC31350
        SHA1:AFE7803EA7F7EC876D9345772ADB16E3AB807767
        SHA-256:D55B065602E75937C2E1346CA0AEBA3076CE7C611F4027A178FD95D1A8DB9325
        SHA-512:3E53BBE9C61C5A06FC624496AC081C7FE5C4942809A8BB9A309D29734C39C3BF8EACA6C5818BB1A261BAF8B9FBDBC8F39769F2F4B8B3B70C8C245C8AA267C2A0
        Malicious:false
        Reputation:low
        URL:http://nxsnsstwhbaf.apexhallechuca.com.au/favicon.ico
        Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>500 Internal Server Error</title>.</head><body>.<h1>Internal Server Error</h1>.<p>The server encountered an internal error or.misconfiguration and was unable to complete.your request.</p>.<p>Please contact the server administrator at . webmaster@apexhallechuca.com.au to inform them of the time this error occurred,. and the actions you performed just before this error.</p>.<p>More information about this error may be available.in the server error log.</p>.<p>Additionally, a 500 Internal Server Error.error was encountered while trying to use an ErrorDocument to handle the request.</p>.</body></html>.

        Chrome Cache Entry: 41

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, from Unix, original size modulo 2^32 318
        Category:downloaded
        Size (bytes):247
        Entropy (8bit):7.042748444098653
        Encrypted:false
        SSDEEP:6:Xt5RZBxMvKZ/oQbjjDZyW24O46b3euGY+E:XvxfHjD524X7Y+E
        MD5:32CC3F38910EEA6DB014CD3316C7505F
        SHA1:62B97F0311CE60ED9BFD7DDEF1074A57C56D8DB0
        SHA-256:15C9FA180F621FDD600EBB02C3E183E4396065CA5E10843B7FDB61EB952CF318
        SHA-512:D86BD5851634107C29F5EEE9CB032C06AA3A12934455E9102099355A502B4DCA1ED21A8D7A7E14788575C97CD779799FFF26FE6A00D601158CF5B0A12E859717
        Malicious:false
        Reputation:low
        URL:http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==
        Preview:..........U..N.1..{?.....SZ. w....8.....-...{Mto.}..rg....i>..a..[......n...=...p.t.u.\q.~,$...^......(.WO....A/.Ud..8.3U.....Q.B...-.U..#...........K.1..5...g.1....~....:0.1D....u.0...u=....S...Ayh+.....Tu.....{..7.........>.>...

        Static File Info

        No static file info

        Network Behavior

        Network Port Distribution

        TCP Packets

        TimestampSource PortDest PortSource IPDest IP
        Nov 26, 2024 01:22:03.805777073 CET49675443192.168.2.4173.222.162.32
        Nov 26, 2024 01:22:13.414108038 CET49675443192.168.2.4173.222.162.32
        Nov 26, 2024 01:22:13.729228020 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.730026960 CET4973680192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.822057962 CET4973780192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.849174976 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:13.849250078 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.849540949 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.849934101 CET8049736203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:13.849987984 CET4973680192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.942038059 CET8049737203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:13.942229033 CET4973780192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:13.969441891 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:15.418411016 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:15.457505941 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:15.708770037 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:15.829070091 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:15.964983940 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:15.964999914 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:15.965056896 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:15.965276003 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:15.965287924 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:16.289647102 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:16.335800886 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:16.868623018 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:16.868652105 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:16.868737936 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:16.870356083 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:16.870368958 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:17.663683891 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:17.664055109 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:17.664078951 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:17.664937973 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:17.664988041 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:17.666820049 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:17.666883945 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:17.710786104 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:17.710793018 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:17.757638931 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:18.297949076 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.298012972 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.300117016 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.300127983 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.300347090 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.333153009 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.375330925 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.820689917 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.820771933 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.820838928 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.820909023 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.820920944 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.820933104 CET49742443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.820936918 CET4434974223.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.855571032 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.855597019 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:18.855691910 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.856091976 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:18.856103897 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.280563116 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.280647039 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.281804085 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.281811953 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.282033920 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.283042908 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.323337078 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.808237076 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.808296919 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.808347940 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.808994055 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.809003115 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:20.809021950 CET49743443192.168.2.423.218.208.109
        Nov 26, 2024 01:22:20.809027910 CET4434974323.218.208.109192.168.2.4
        Nov 26, 2024 01:22:26.287672043 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:26.287703037 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:26.287837982 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:26.288860083 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:26.288873911 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:27.382509947 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:27.382566929 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:27.382725000 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:28.006337881 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:28.006432056 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:28.008946896 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:28.008959055 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:28.009172916 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:28.054316044 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:28.477771044 CET49740443192.168.2.4142.250.181.100
        Nov 26, 2024 01:22:28.477787971 CET44349740142.250.181.100192.168.2.4
        Nov 26, 2024 01:22:29.671412945 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:29.719326973 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241775990 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241801023 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241807938 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241882086 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241950035 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.241965055 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:30.241980076 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.242012024 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:30.242036104 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:30.260957956 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.261029959 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:30.261034966 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:30.261075020 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:31.647317886 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:31.647340059 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:31.647373915 CET49744443192.168.2.4172.202.163.200
        Nov 26, 2024 01:22:31.647383928 CET44349744172.202.163.200192.168.2.4
        Nov 26, 2024 01:22:33.924180984 CET4972380192.168.2.42.16.149.153
        Nov 26, 2024 01:22:34.044620991 CET80497232.16.149.153192.168.2.4
        Nov 26, 2024 01:22:34.044673920 CET4972380192.168.2.42.16.149.153
        Nov 26, 2024 01:22:58.851726055 CET4973680192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:58.945342064 CET4973780192.168.2.4203.170.87.17
        Nov 26, 2024 01:22:58.971683979 CET8049736203.170.87.17192.168.2.4
        Nov 26, 2024 01:22:59.065592051 CET8049737203.170.87.17192.168.2.4
        Nov 26, 2024 01:23:01.304948092 CET4973580192.168.2.4203.170.87.17
        Nov 26, 2024 01:23:01.425240040 CET8049735203.170.87.17192.168.2.4
        Nov 26, 2024 01:23:07.872886896 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:07.872937918 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:07.873137951 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:07.873370886 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:07.873390913 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:09.034048080 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:09.034080029 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:09.034272909 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:09.034463882 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:09.034481049 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:09.553086996 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:09.553268909 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:09.556394100 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:09.556418896 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:09.556638002 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:09.568176985 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:09.615324974 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.225054979 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.225075960 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.225095034 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.225394011 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.225461006 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.225558996 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.264626026 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.264664888 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.264702082 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.264816046 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.264816046 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.264885902 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.264926910 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.264954090 CET49750443192.168.2.4172.202.163.200
        Nov 26, 2024 01:23:10.264969110 CET44349750172.202.163.200192.168.2.4
        Nov 26, 2024 01:23:10.823239088 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:10.823344946 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:10.824876070 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:10.824884892 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:10.825210094 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:10.835481882 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:10.879365921 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.309305906 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.309333086 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.309351921 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.309509039 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.309520960 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.309577942 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.495498896 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.495526075 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.495706081 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.495716095 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.495764971 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.577784061 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.577845097 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.578032017 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.578032017 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.578041077 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.578099966 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.677901030 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.677923918 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.678080082 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.678087950 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.678137064 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.713494062 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.713521004 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.713658094 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.713658094 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.713665962 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.713713884 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.734642029 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.734675884 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.734720945 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.734726906 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.734770060 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.752809048 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.752832890 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.752895117 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.752902985 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.753051996 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.873323917 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.873349905 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.873406887 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.873414993 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.873456955 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.889204025 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.889230967 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.889267921 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.889276981 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.889460087 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.889460087 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.904154062 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.904180050 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.904215097 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.904220104 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.904370070 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.904370070 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.919188023 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.919212103 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.919327974 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.919327974 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.919334888 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.919383049 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.933147907 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.933168888 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.933212042 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.933231115 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.933368921 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.933368921 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.946192026 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.946214914 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.946258068 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.946269035 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.946414948 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.946414948 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952594042 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.952651978 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952658892 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.952685118 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.952711105 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952737093 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952753067 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952760935 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.952770948 CET49751443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.952775955 CET4434975113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.992238998 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.992249966 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.992346048 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.993642092 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.993666887 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.993731022 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.993880033 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.993891954 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.994764090 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.994771004 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.994820118 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.994915962 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.994924068 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.994999886 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.995012999 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.995923996 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.995997906 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.996073961 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.996516943 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.996547937 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.996583939 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.996602058 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:11.996669054 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.996963024 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:11.996995926 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.776118040 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.776554108 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.776571989 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.777009010 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.777014017 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.777019024 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.777256012 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.777271032 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.777616978 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.777621031 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.778939962 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.779158115 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.779164076 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.779745102 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.779752016 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.780308962 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.780687094 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.780761003 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.781163931 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.781181097 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.784440994 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.784787893 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.784821987 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.785262108 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:13.785269976 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:13.946199894 CET4973680192.168.2.4203.170.87.17
        Nov 26, 2024 01:23:13.946235895 CET4973780192.168.2.4203.170.87.17
        Nov 26, 2024 01:23:14.066860914 CET8049736203.170.87.17192.168.2.4
        Nov 26, 2024 01:23:14.066895008 CET8049737203.170.87.17192.168.2.4
        Nov 26, 2024 01:23:14.067015886 CET4973680192.168.2.4203.170.87.17
        Nov 26, 2024 01:23:14.067022085 CET4973780192.168.2.4203.170.87.17
        Nov 26, 2024 01:23:14.219892979 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.219913006 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.219974995 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.219989061 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.220038891 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.220350027 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.220355034 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.220371008 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.220520973 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.220549107 CET4434975413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.220592022 CET49754443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.221916914 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.221973896 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.222028971 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.222125053 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.222137928 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.222147942 CET49755443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.222153902 CET4434975513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.223576069 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.223664999 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.223747015 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.223901987 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.223931074 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.224251986 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.224313974 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.224384069 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.224478960 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.224509001 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.225706100 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.225756884 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.225816011 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.225939989 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.225939989 CET49757443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.225961924 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.225981951 CET4434975713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.227783918 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.227821112 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.227870941 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.227880001 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.227920055 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228059053 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228063107 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.228082895 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228220940 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228257895 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.228266001 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.228311062 CET4434975313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.228321075 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228354931 CET49753443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228647947 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.228665113 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.230084896 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.230107069 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.230182886 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.230289936 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.230302095 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.232435942 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.232490063 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.232547045 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.232569933 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.232673883 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.232673883 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.232707977 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.233036995 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.233115911 CET4434975613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.233217955 CET49756443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.234535933 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.234553099 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:14.234612942 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.234715939 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:14.234733105 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.883816957 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:15.883893967 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:15.883989096 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:15.884213924 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:15.884248972 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:15.958509922 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.958971977 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.959036112 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.959445000 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.959459066 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.977437973 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.977895975 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.977921963 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.978420019 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.978425980 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.987479925 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.987867117 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.987878084 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:15.988251925 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:15.988256931 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.002511024 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.002861977 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.002892017 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.003248930 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.003261089 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.110805035 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.111152887 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.111165047 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.111555099 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.111561060 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.396507025 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.396589994 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.396652937 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.396797895 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.396841049 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.396867037 CET49758443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.396883011 CET4434975813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.399996042 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.400038004 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.400090933 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.400291920 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.400305986 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.413311005 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.413367987 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.413408995 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.413548946 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.413564920 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.413578987 CET49760443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.413584948 CET4434976013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.416064024 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.416100025 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.416162968 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.416274071 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.416289091 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.424164057 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.424323082 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.424371958 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.424438953 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.424438953 CET49762443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.424447060 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.424458027 CET4434976213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.426872015 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.426889896 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.426954985 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.427123070 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.427134991 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.448965073 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.449014902 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.449064016 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.449275017 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.449307919 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.449356079 CET49759443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.449372053 CET4434975913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.451539993 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.451550007 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.451597929 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.451733112 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.451741934 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.564613104 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.564655066 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.564723015 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.564851999 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.564873934 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.564891100 CET49761443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.564898014 CET4434976113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.567138910 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.567178965 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:16.567250967 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.567368984 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:16.567390919 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:17.668585062 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:17.668936968 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:17.668968916 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:17.669254065 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:17.669663906 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:17.669720888 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:17.710730076 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:18.131412983 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.131947994 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.131968021 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.132540941 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.132545948 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.230562925 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.230979919 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.230995893 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.231527090 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.231533051 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.260219097 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.260576963 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.260591030 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.261116028 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.261120081 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.293210983 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.293601990 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.293612003 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.294130087 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.294133902 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.362274885 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.362586021 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.362608910 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.362973928 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.362977982 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.566441059 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.566503048 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.566591024 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.566721916 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.566740036 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.566749096 CET49764443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.566755056 CET4434976413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.569525003 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.569554090 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.569628000 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.569838047 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.569849014 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.674853086 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.674896955 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.674948931 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.675107956 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.675116062 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.675127029 CET49767443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.675136089 CET4434976713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.677968979 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.677989960 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.678085089 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.678241014 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.678251982 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.714375973 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.714433908 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.714487076 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.714605093 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.714608908 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.714644909 CET49765443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.714648008 CET4434976513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.716768980 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.716780901 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.716854095 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.716979980 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.716989994 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.745682955 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.745762110 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.746011019 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.746115923 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.746125937 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.746155024 CET49766443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.746160030 CET4434976613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.748142004 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.748250008 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.748322010 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.748435020 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.748467922 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.809802055 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.809845924 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.809895039 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.810019016 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.810025930 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.810034990 CET49768443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.810039997 CET4434976813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.812220097 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.812242985 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:18.812321901 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.812448025 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:18.812463045 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.392638922 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.393152952 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.393178940 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.393755913 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.393759966 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.415518999 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.415844917 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.415870905 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.416361094 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.416367054 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.434359074 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.434628010 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.434640884 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.435098886 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.435103893 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.463701963 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.463972092 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.464015961 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.464417934 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.464436054 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.592916965 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.593310118 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.593357086 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.593847990 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.593863964 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.828830004 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.828880072 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.828942060 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.829092026 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.829104900 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.829114914 CET49770443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.829118967 CET4434977013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.831820011 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.831885099 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.832037926 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.832178116 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.832211971 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.870043993 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.870099068 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.870147943 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.870265007 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.870275974 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.870285034 CET49771443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.870289087 CET4434977113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.872497082 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.872545958 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.872628927 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.872767925 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.872798920 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.887305021 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.887362957 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.887407064 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.887516022 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.887520075 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.887528896 CET49769443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.887531996 CET4434976913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.889966011 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.889978886 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.890048027 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.890161037 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.890172005 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.899472952 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.899620056 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.899682999 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.899729967 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.899729967 CET49772443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.899754047 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.899775982 CET4434977213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.901865959 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.901881933 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:20.901956081 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.902071953 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:20.902081966 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.042151928 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.042198896 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.042248964 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.042418957 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.042437077 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.042452097 CET49773443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.042459011 CET4434977313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.045264959 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.045274973 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.045382977 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.045522928 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:21.045531988 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:21.148153067 CET4972480192.168.2.4199.232.210.172
        Nov 26, 2024 01:23:21.268425941 CET8049724199.232.210.172192.168.2.4
        Nov 26, 2024 01:23:21.268599033 CET4972480192.168.2.4199.232.210.172
        Nov 26, 2024 01:23:22.546678066 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.547149897 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.547202110 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.547599077 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.547615051 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.705415964 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.705769062 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.705790043 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.706131935 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.706136942 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.717859983 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.718164921 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.718177080 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.718528032 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.718533993 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.720587015 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.720854998 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.720913887 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.721194029 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.721210957 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.889002085 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.889415026 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.889422894 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.889823914 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.889827967 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.982300997 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.982342958 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.982400894 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.982552052 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.982553005 CET49774443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.982589006 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.982613087 CET4434977413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.985110044 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.985130072 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:22.985207081 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.985369921 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:22.985385895 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.149722099 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.149892092 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.149964094 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.150053024 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.150064945 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.150074005 CET49777443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.150078058 CET4434977713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.152769089 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.152801037 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.152885914 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.153055906 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.153072119 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.162539959 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.162592888 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.162646055 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.162755966 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.162763119 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.162798882 CET49776443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.162803888 CET4434977613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.164554119 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.164618969 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.164696932 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.164834976 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.164860964 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.173842907 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.173894882 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.173953056 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.174062014 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.174062014 CET49775443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.174084902 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.174109936 CET4434977513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.175693035 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.175721884 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.175800085 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.175940990 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.175966024 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.343496084 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.343539000 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.343632936 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.343817949 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.343822956 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.343832970 CET49778443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.343836069 CET4434977813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.346092939 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.346127987 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:23.346231937 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.346432924 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:23.346461058 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.841509104 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.842004061 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.842031002 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.842408895 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.842412949 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.931255102 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.931569099 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.931610107 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.931900978 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.931919098 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.947793961 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.948029041 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.948086023 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:24.948293924 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:24.948309898 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.051466942 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.051892996 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.051918983 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.052274942 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.052285910 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.153902054 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.154330969 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.154382944 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.154766083 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.154777050 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.287013054 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.287059069 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.287106991 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.287226915 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.287242889 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.287257910 CET49779443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.287262917 CET4434977913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.289839029 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.289872885 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.289941072 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.290086985 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.290098906 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.367228985 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.367408991 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.367484093 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.367539883 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.367571115 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.367597103 CET49780443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.367609978 CET4434978013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.369784117 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.369828939 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.369891882 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.369997025 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.370013952 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.393604040 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.393677950 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.393735886 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.393845081 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.393845081 CET49781443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.393881083 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.393912077 CET4434978113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.395766020 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.395776987 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.395838022 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.395936012 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.395946026 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.506441116 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.506499052 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.506552935 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.506697893 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.506697893 CET49782443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.506720066 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.506741047 CET4434978213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.509243011 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.509279013 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.509336948 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.509440899 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.509457111 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.598073959 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.598154068 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.598210096 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.598282099 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.598282099 CET49783443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.598305941 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.598326921 CET4434978313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.600311041 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.600337029 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:25.600397110 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.600539923 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:25.600552082 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.136674881 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.137105942 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.137120962 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.137501001 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.137506008 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.176171064 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.176423073 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.176430941 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.176740885 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.176744938 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.219996929 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.220434904 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.220460892 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.220822096 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.220828056 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.224701881 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.225038052 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.225053072 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.225667000 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.225672007 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.356132984 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:27.356180906 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:27.356317997 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:27.446090937 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.446418047 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.446429968 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.446775913 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.446780920 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.590532064 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.590575933 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.590617895 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.590792894 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.590801954 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.590814114 CET49784443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.590817928 CET4434978413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.593458891 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.593496084 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.593575001 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.593727112 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.593745947 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.620248079 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.620306015 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.620351076 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.620445967 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.620450020 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.620460987 CET49786443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.620465040 CET4434978613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.622543097 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.622561932 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.622633934 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.622770071 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.622781992 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.660422087 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.660487890 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.660543919 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.660664082 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.660684109 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.660696983 CET49787443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.660703897 CET4434978713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.662406921 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.662422895 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.662494898 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.662606955 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.662621021 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.674149036 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.674285889 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.674344063 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.674361944 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.674367905 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.674380064 CET49785443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.674385071 CET4434978513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.675957918 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.675970078 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.676028013 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.676126003 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.676135063 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.900202036 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.900252104 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.900305033 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.900435925 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.900444984 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.900454998 CET49788443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.900463104 CET4434978813.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.902213097 CET49793443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.902242899 CET4434979313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:27.902316093 CET49793443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.902429104 CET49793443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:27.902443886 CET4434979313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:28.469549894 CET49763443192.168.2.4142.250.181.100
        Nov 26, 2024 01:23:28.469585896 CET44349763142.250.181.100192.168.2.4
        Nov 26, 2024 01:23:29.374536991 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.375030994 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.375056982 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.375510931 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.375518084 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.442764044 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.443147898 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.443162918 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.443568945 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.443573952 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.505743980 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.506091118 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.506113052 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.506480932 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.506484985 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.513225079 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.513540983 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.513566971 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.513933897 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.513938904 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.689673901 CET4434979313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.690004110 CET49793443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.690027952 CET4434979313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.690387011 CET49793443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.690391064 CET4434979313.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.819947004 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.819997072 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.820240021 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.820274115 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.820274115 CET49789443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.820297956 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.820310116 CET4434978913.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.822838068 CET49794443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.822858095 CET4434979413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.822940111 CET49794443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.823081017 CET49794443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.823091030 CET4434979413.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.879574060 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.879616022 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.879781961 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.879815102 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.879822969 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.879832983 CET49792443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.879837036 CET4434979213.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.881932974 CET49795443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.881969929 CET4434979513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.882132053 CET49795443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.882265091 CET49795443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.882281065 CET4434979513.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.960458040 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.960520983 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.960644960 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.960663080 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.960671902 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.960681915 CET49790443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.960685968 CET4434979013.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.962488890 CET49796443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.962502003 CET4434979613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.962579012 CET49796443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.962764978 CET49796443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.962774992 CET4434979613.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.966866970 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.966928005 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.966999054 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.967082977 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.967082977 CET49791443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.967096090 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.967104912 CET4434979113.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.969234943 CET49797443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.969258070 CET4434979713.107.246.63192.168.2.4
        Nov 26, 2024 01:23:29.969372988 CET49797443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.969474077 CET49797443192.168.2.413.107.246.63
        Nov 26, 2024 01:23:29.969489098 CET4434979713.107.246.63192.168.2.4

        UDP Packets

        TimestampSource PortDest PortSource IPDest IP
        Nov 26, 2024 01:22:12.220444918 CET53625481.1.1.1192.168.2.4
        Nov 26, 2024 01:22:12.234288931 CET53622951.1.1.1192.168.2.4
        Nov 26, 2024 01:22:13.547699928 CET5605853192.168.2.41.1.1.1
        Nov 26, 2024 01:22:13.547699928 CET6518853192.168.2.41.1.1.1
        Nov 26, 2024 01:22:13.687712908 CET53560581.1.1.1192.168.2.4
        Nov 26, 2024 01:22:13.776493073 CET53651881.1.1.1192.168.2.4
        Nov 26, 2024 01:22:15.138292074 CET53553741.1.1.1192.168.2.4
        Nov 26, 2024 01:22:15.821458101 CET6073353192.168.2.41.1.1.1
        Nov 26, 2024 01:22:15.821588039 CET5511953192.168.2.41.1.1.1
        Nov 26, 2024 01:22:15.960751057 CET53607331.1.1.1192.168.2.4
        Nov 26, 2024 01:22:15.964226007 CET53551191.1.1.1192.168.2.4
        Nov 26, 2024 01:22:32.086447001 CET53492141.1.1.1192.168.2.4
        Nov 26, 2024 01:22:32.717047930 CET138138192.168.2.4192.168.2.255
        Nov 26, 2024 01:22:51.101238012 CET53524241.1.1.1192.168.2.4
        Nov 26, 2024 01:23:11.860729933 CET53635481.1.1.1192.168.2.4
        Nov 26, 2024 01:23:14.086621046 CET53621951.1.1.1192.168.2.4

        ICMP Packets

        TimestampSource IPDest IPChecksumCodeType
        Nov 26, 2024 01:22:13.776572943 CET192.168.2.41.1.1.1c24e(Port unreachable)Destination Unreachable

        DNS Queries

        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Nov 26, 2024 01:22:13.547699928 CET192.168.2.41.1.1.10x1538Standard query (0)nxsnsstwhbaf.apexhallechuca.com.auA (IP address)IN (0x0001)false
        Nov 26, 2024 01:22:13.547699928 CET192.168.2.41.1.1.10xe4c4Standard query (0)nxsnsstwhbaf.apexhallechuca.com.au65IN (0x0001)false
        Nov 26, 2024 01:22:15.821458101 CET192.168.2.41.1.1.10x3cd6Standard query (0)www.google.comA (IP address)IN (0x0001)false
        Nov 26, 2024 01:22:15.821588039 CET192.168.2.41.1.1.10x1c74Standard query (0)www.google.com65IN (0x0001)false

        DNS Answers

        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Nov 26, 2024 01:22:13.687712908 CET1.1.1.1192.168.2.40x1538No error (0)nxsnsstwhbaf.apexhallechuca.com.au203.170.87.17A (IP address)IN (0x0001)false
        Nov 26, 2024 01:22:15.960751057 CET1.1.1.1192.168.2.40x3cd6No error (0)www.google.com142.250.181.100A (IP address)IN (0x0001)false
        Nov 26, 2024 01:22:15.964226007 CET1.1.1.1192.168.2.40x1c74No error (0)www.google.com65IN (0x0001)false

        HTTP Request Dependency Graph

        • fs.microsoft.com
        • slscr.update.microsoft.com
        • otelrules.azureedge.net
        • nxsnsstwhbaf.apexhallechuca.com.au

        HTTP Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.449735203.170.87.17804080C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Nov 26, 2024 01:22:13.849540949 CET489OUTGET /?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA== HTTP/1.1
        Host: nxsnsstwhbaf.apexhallechuca.com.au
        Connection: keep-alive
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Nov 26, 2024 01:22:15.418411016 CET456INHTTP/1.1 403 Forbidden
        Server: nginx
        Date: Tue, 26 Nov 2024 00:22:15 GMT
        Content-Type: text/html; charset=iso-8859-1
        Transfer-Encoding: chunked
        Vary: Accept-Encoding
        Content-Encoding: gzip
        Data Raw: 66 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 bd 4e 03 31 10 84 7b 3f c5 92 86 06 e2 f0 53 5a 96 20 77 11 91 02 a4 38 8a 94 8e bd 8a 2d dd d9 17 7b 4d 74 6f 8f 7d a1 80 72 67 bf d1 cc ae b8 69 3e d7 dd 61 df c2 5b f7 be 83 fd d7 eb 6e bb 86 c5 3d e7 db b6 db 70 de 74 cd 75 f3 b8 5c 71 de 7e 2c 24 13 96 86 5e 0a 8b ca 94 81 1c f5 28 9f 57 4f b0 09 f1 e8 8c 41 2f f8 55 64 82 cf 90 38 06 33 55 df 83 fc c3 94 89 89 51 1e 42 06 13 fc 2d 81 55 df 08 23 c6 c1 a5 e4 82 07 0a a0 b4 c6 94 80 ac 4b 10 31 85 1c 35 2e 05 1f 67 e7 8b 31 8e 0a a8 fa 7e ba 03 05 ff 3a 30 8c 31 44 b8 a8 04 e8 75 c8 9e 30 a2 81 8b 75 3d 02 c5 c9 f9 53 0d c8 09 41 79 68 2b dc 04 9d 07 f4 54 75 ab bc a9 a0 c5 92 7b ce 98 e8 37 96 cf b7 94 f6 f5 07 ec 07 00 3e d4 86 3e 01 00 00 0d 0a 30 0d 0a 0d 0a
        Data Ascii: f7UN1{?SZ w8-{Mto}rgi>a[n=ptu\q~,$^(WOA/Ud83UQB-U#K15.g1~:01Du0u=SAyh+Tu{7>>0
        Nov 26, 2024 01:22:15.708770037 CET452OUTGET /favicon.ico HTTP/1.1
        Host: nxsnsstwhbaf.apexhallechuca.com.au
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Referer: http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA==
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Nov 26, 2024 01:22:16.289647102 CET831INHTTP/1.1 500 Internal Server Error
        Server: nginx
        Date: Tue, 26 Nov 2024 00:22:16 GMT
        Content-Type: text/html; charset=iso-8859-1
        Content-Length: 675
        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 61 70 65 78 68 61 6c 6c 65 63 68 75 63 61 2e 63 6f 6d 2e 61 75 [TRUNCATED]
        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@apexhallechuca.com.au to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><p>Additionally, a 500 Internal Server Errorerror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
        Nov 26, 2024 01:23:01.304948092 CET6OUTData Raw: 00
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.2.449736203.170.87.17804080C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Nov 26, 2024 01:22:58.851726055 CET6OUTData Raw: 00
        Data Ascii:


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.2.449737203.170.87.17804080C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Nov 26, 2024 01:22:58.945342064 CET6OUTData Raw: 00
        Data Ascii:


        HTTPS Proxied Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.44974223.218.208.109443
        TimestampBytes transferredDirectionData
        2024-11-26 00:22:18 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-11-26 00:22:18 UTC478INHTTP/1.1 200 OK
        Content-Type: application/octet-stream
        Server: Kestrel
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        X-Ms-ApiVersion: Distribute 1.2
        X-Ms-Region: prod-eus-z1
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        X-OSID: 2
        X-CID: 2
        X-CCC: GB
        Cache-Control: public, max-age=33073
        Date: Tue, 26 Nov 2024 00:22:18 GMT
        Connection: close
        X-CID: 2


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.2.44974323.218.208.109443
        TimestampBytes transferredDirectionData
        2024-11-26 00:22:20 UTC239OUTGET /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
        Range: bytes=0-2147483646
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-11-26 00:22:20 UTC534INHTTP/1.1 200 OK
        Content-Type: application/octet-stream
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        ApiVersion: Distribute 1.1
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
        Cache-Control: public, max-age=33049
        Date: Tue, 26 Nov 2024 00:22:20 GMT
        Content-Length: 55
        Connection: close
        X-CID: 2
        2024-11-26 00:22:20 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.2.449744172.202.163.200443
        TimestampBytes transferredDirectionData
        2024-11-26 00:22:29 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=264Utm2bk8rKkTB&MD=l8DaBm2+ HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
        Host: slscr.update.microsoft.com
        2024-11-26 00:22:30 UTC560INHTTP/1.1 200 OK
        Cache-Control: no-cache
        Pragma: no-cache
        Content-Type: application/octet-stream
        Expires: -1
        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
        MS-CorrelationId: b4ba329e-eaf3-473d-b83e-03291327fe55
        MS-RequestId: 5464104c-151b-48b3-ad78-4dda71ed09c1
        MS-CV: dq4NCg0AUka5qDL/.0
        X-Microsoft-SLSClientCache: 2880
        Content-Disposition: attachment; filename=environment.cab
        X-Content-Type-Options: nosniff
        Date: Tue, 26 Nov 2024 00:22:28 GMT
        Connection: close
        Content-Length: 24490
        2024-11-26 00:22:30 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
        2024-11-26 00:22:30 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        3192.168.2.449750172.202.163.200443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:09 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=264Utm2bk8rKkTB&MD=l8DaBm2+ HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
        Host: slscr.update.microsoft.com
        2024-11-26 00:23:10 UTC560INHTTP/1.1 200 OK
        Cache-Control: no-cache
        Pragma: no-cache
        Content-Type: application/octet-stream
        Expires: -1
        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
        ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
        MS-CorrelationId: e547feaf-11ea-408b-9b1e-84ef4c7e9bf5
        MS-RequestId: 20afaffe-c8d3-4feb-8c0e-2ae16d377898
        MS-CV: r/RLH+TaVUSlpZX6.0
        X-Microsoft-SLSClientCache: 1440
        Content-Disposition: attachment; filename=environment.cab
        X-Content-Type-Options: nosniff
        Date: Tue, 26 Nov 2024 00:23:08 GMT
        Connection: close
        Content-Length: 30005
        2024-11-26 00:23:10 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
        Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
        2024-11-26 00:23:10 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
        Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


        Session IDSource IPSource PortDestination IPDestination Port
        4192.168.2.44975113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:10 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:11 UTC492INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:11 GMT
        Content-Type: text/plain
        Content-Length: 218853
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public
        Last-Modified: Mon, 25 Nov 2024 13:17:46 GMT
        ETag: "0x8DD0D538D5EA1E0"
        x-ms-request-id: f5f75198-101e-00a2-8091-3f9f2e000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002311Z-174f7845968kvnqxhC1EWRmf3g0000000dcg000000004nv4
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:11 UTC15892INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
        Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
        2024-11-26 00:23:11 UTC16384INData Raw: 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20
        Data Ascii: <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V
        2024-11-26 00:23:11 UTC16384INData Raw: 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54
        Data Ascii: 20v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="T
        2024-11-26 00:23:11 UTC16384INData Raw: 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d
        Data Ascii: T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F=
        2024-11-26 00:23:11 UTC16384INData Raw: 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a
        Data Ascii: alse"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C>
        2024-11-26 00:23:11 UTC16384INData Raw: 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70
        Data Ascii: I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="Cleanup
        2024-11-26 00:23:11 UTC16384INData Raw: 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20
        Data Ascii: </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R>
        2024-11-26 00:23:11 UTC16384INData Raw: 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C>
        2024-11-26 00:23:11 UTC16384INData Raw: 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" />
        2024-11-26 00:23:11 UTC16384INData Raw: 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20
        Data Ascii: <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" />


        Session IDSource IPSource PortDestination IPDestination Port
        5192.168.2.44975413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:13 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:14 UTC494INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:14 GMT
        Content-Type: text/xml
        Content-Length: 2980
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
        ETag: "0x8DC582BA80D96A1"
        x-ms-request-id: 0a3cdbcf-401e-0016-597f-3f53e0000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002314Z-174f7845968kvnqxhC1EWRmf3g0000000dkg0000000017d0
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:14 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


        Session IDSource IPSource PortDestination IPDestination Port
        6192.168.2.44975513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:13 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:14 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:14 GMT
        Content-Type: text/xml
        Content-Length: 450
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
        ETag: "0x8DC582BD4C869AE"
        x-ms-request-id: 59158d4f-901e-00a0-5491-3f6a6d000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002314Z-174f7845968frfdmhC1EWRxxbw0000000ung000000004kgm
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:14 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


        Session IDSource IPSource PortDestination IPDestination Port
        7192.168.2.44975313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:13 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:14 UTC515INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:14 GMT
        Content-Type: text/xml
        Content-Length: 3788
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
        ETag: "0x8DC582BAC2126A6"
        x-ms-request-id: 0b3277ea-501e-00a0-5e91-3f9d9f000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002314Z-174f7845968cpnpfhC1EWR3afc0000000u8g000000003wb0
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:14 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


        Session IDSource IPSource PortDestination IPDestination Port
        8192.168.2.44975713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:13 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:14 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:14 GMT
        Content-Type: text/xml
        Content-Length: 408
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
        ETag: "0x8DC582BB56D3AFB"
        x-ms-request-id: dc0e4179-901e-005b-2991-3f2005000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002314Z-174f78459688l8rvhC1EWRtzr000000007b0000000003cqu
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:14 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        9192.168.2.44975613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:13 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:14 UTC515INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:14 GMT
        Content-Type: text/xml
        Content-Length: 2160
        Connection: close
        Vary: Accept-Encoding
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
        ETag: "0x8DC582BA3B95D81"
        x-ms-request-id: 6eac4bdd-a01e-006f-1c91-3f13cd000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002314Z-174f7845968n2hr8hC1EWR9cag0000000u6g000000004bvx
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:14 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


        Session IDSource IPSource PortDestination IPDestination Port
        10192.168.2.44975813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:15 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:16 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:16 GMT
        Content-Type: text/xml
        Content-Length: 474
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
        ETag: "0x8DC582B9964B277"
        x-ms-request-id: 8ccd6c39-f01e-0085-6e81-3f88ea000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002316Z-174f7845968ljs8phC1EWRe6en0000000ugg0000000052su
        x-fd-int-roxy-purgeid: 0
        X-Cache-Info: L1_T2
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:16 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        11192.168.2.44976013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:15 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:16 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:16 GMT
        Content-Type: text/xml
        Content-Length: 471
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
        ETag: "0x8DC582BB10C598B"
        x-ms-request-id: 30944020-a01e-0053-5e8b-3f8603000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002316Z-174f7845968vqt9xhC1EWRgten0000000uq0000000004492
        x-fd-int-roxy-purgeid: 0
        X-Cache-Info: L1_T2
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:16 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        12192.168.2.44976213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:15 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:16 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:16 GMT
        Content-Type: text/xml
        Content-Length: 467
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
        ETag: "0x8DC582BA6C038BC"
        x-ms-request-id: 3360fb1d-601e-0097-3291-3ff33a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002316Z-174f7845968xlwnmhC1EWR0sv80000000ug0000000003z5r
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:16 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        13192.168.2.44975913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:15 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:16 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:16 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
        ETag: "0x8DC582B9F6F3512"
        x-ms-request-id: f5d49257-301e-005d-758c-3fe448000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002316Z-174f7845968v75bwhC1EWRuqen0000000fh0000000004atf
        x-fd-int-roxy-purgeid: 0
        X-Cache-Info: L1_T2
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:16 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        14192.168.2.44976113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:16 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:16 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:16 GMT
        Content-Type: text/xml
        Content-Length: 632
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
        ETag: "0x8DC582BB6E3779E"
        x-ms-request-id: 6f96f590-e01e-0099-0e7f-3fda8a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002316Z-174f784596886s2bhC1EWR743w0000000ut00000000046b4
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:16 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


        Session IDSource IPSource PortDestination IPDestination Port
        15192.168.2.44976413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:18 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:18 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:18 GMT
        Content-Type: text/xml
        Content-Length: 407
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
        ETag: "0x8DC582BBAD04B7B"
        x-ms-request-id: ed9dfa2a-401e-0015-7891-3f0e8d000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002318Z-174f7845968vqt9xhC1EWRgten0000000uu00000000021b3
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:18 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        16192.168.2.44976713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:18 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:18 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:18 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
        ETag: "0x8DC582B9018290B"
        x-ms-request-id: dc0e488f-901e-005b-3891-3f2005000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002318Z-174f7845968frfdmhC1EWRxxbw0000000uu0000000002h91
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:18 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        17192.168.2.44976513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:18 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:18 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:18 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
        ETag: "0x8DC582BB344914B"
        x-ms-request-id: 6eac52fb-a01e-006f-2191-3f13cd000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002318Z-174f7845968nxc96hC1EWRspw80000000ugg00000000213q
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:18 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        18192.168.2.44976613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:18 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:18 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:18 GMT
        Content-Type: text/xml
        Content-Length: 427
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
        ETag: "0x8DC582BA310DA18"
        x-ms-request-id: c665a67d-901e-002a-1b91-3f7a27000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002318Z-174f78459684bddphC1EWRbht40000000uc0000000004qyy
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:18 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        19192.168.2.44976813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:18 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:18 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:18 GMT
        Content-Type: text/xml
        Content-Length: 407
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
        ETag: "0x8DC582B9698189B"
        x-ms-request-id: ff98645e-b01e-0001-1091-3f46e2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002318Z-174f7845968jrjrxhC1EWRmmrs0000000utg000000003rwz
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:18 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


        Session IDSource IPSource PortDestination IPDestination Port
        20192.168.2.44977013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:20 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:20 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:20 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
        ETag: "0x8DC582BA41997E3"
        x-ms-request-id: 106d127d-401e-008c-1a91-3f86c2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002320Z-174f78459685m244hC1EWRgp2c0000000ufg000000004hfh
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:20 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        21192.168.2.44976913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:20 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:20 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:20 GMT
        Content-Type: text/xml
        Content-Length: 469
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
        ETag: "0x8DC582BBA701121"
        x-ms-request-id: 417b6c53-401e-0029-0d91-3f9b43000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002320Z-174f7845968px8v7hC1EWR08ng0000000uy0000000004gcu
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:20 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        22192.168.2.44977113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:20 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:20 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:20 GMT
        Content-Type: text/xml
        Content-Length: 477
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
        ETag: "0x8DC582BB8CEAC16"
        x-ms-request-id: e9babc56-001e-0049-5291-3f5bd5000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002320Z-174f7845968g6hv8hC1EWR1v2n00000002ng000000004bh3
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:20 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        23192.168.2.44977213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:20 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:20 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:20 GMT
        Content-Type: text/xml
        Content-Length: 464
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
        ETag: "0x8DC582B97FB6C3C"
        x-ms-request-id: a99e6065-701e-006f-4d91-3fafc4000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002320Z-174f7845968ljs8phC1EWRe6en0000000ukg000000004ntu
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:20 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


        Session IDSource IPSource PortDestination IPDestination Port
        24192.168.2.44977313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:20 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:21 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:20 GMT
        Content-Type: text/xml
        Content-Length: 494
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
        ETag: "0x8DC582BB7010D66"
        x-ms-request-id: 3fc8b732-401e-0083-1091-3f075c000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002320Z-174f7845968cpnpfhC1EWR3afc0000000uc0000000003cx7
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:21 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        25192.168.2.44977413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:22 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:22 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:22 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
        ETag: "0x8DC582B9748630E"
        x-ms-request-id: 02716611-001e-00ad-7089-3f554b000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002322Z-174f7845968g6hv8hC1EWR1v2n00000002h0000000004vwx
        x-fd-int-roxy-purgeid: 0
        X-Cache-Info: L1_T2
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:22 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        26192.168.2.44977713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:22 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:23 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:22 GMT
        Content-Type: text/xml
        Content-Length: 468
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
        ETag: "0x8DC582B9C8E04C8"
        x-ms-request-id: f5817373-b01e-003e-3591-3f8e41000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002322Z-174f7845968l4kp6hC1EWRe8840000000v000000000038x2
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:23 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        27192.168.2.44977613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:22 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:23 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:22 GMT
        Content-Type: text/xml
        Content-Length: 404
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
        ETag: "0x8DC582B9E8EE0F3"
        x-ms-request-id: f5c4af5a-301e-005d-6385-3fe448000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002322Z-174f78459685m244hC1EWRgp2c0000000um0000000002nuc
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:23 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


        Session IDSource IPSource PortDestination IPDestination Port
        28192.168.2.44977513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:22 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:23 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:22 GMT
        Content-Type: text/xml
        Content-Length: 472
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
        ETag: "0x8DC582B9DACDF62"
        x-ms-request-id: b18988de-c01e-0079-2891-3fe51a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002322Z-174f78459685m244hC1EWRgp2c0000000ucg0000000047r4
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:23 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        29192.168.2.44977813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:22 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:23 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:23 GMT
        Content-Type: text/xml
        Content-Length: 428
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
        ETag: "0x8DC582BAC4F34CA"
        x-ms-request-id: b254496e-901e-0016-2991-3fefe9000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002323Z-174f7845968psccphC1EWRuz9s0000000uw0000000004dep
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:23 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        30192.168.2.44977913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:24 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:25 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:25 GMT
        Content-Type: text/xml
        Content-Length: 499
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
        ETag: "0x8DC582B98CEC9F6"
        x-ms-request-id: 89e88ad2-001e-0065-4491-3f0b73000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002325Z-174f7845968kdththC1EWRzvxn00000006xg000000004910
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:25 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        31192.168.2.44978013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:24 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:25 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:25 GMT
        Content-Type: text/xml
        Content-Length: 415
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
        ETag: "0x8DC582B988EBD12"
        x-ms-request-id: f440c5dc-801e-0047-7891-3f7265000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002325Z-174f7845968j6t2phC1EWRcfe80000000uy0000000000qv6
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:25 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


        Session IDSource IPSource PortDestination IPDestination Port
        32192.168.2.44978113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:24 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:25 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:25 GMT
        Content-Type: text/xml
        Content-Length: 471
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
        ETag: "0x8DC582BB5815C4C"
        x-ms-request-id: 6c824192-201e-0051-0a91-3f7340000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002325Z-174f784596886s2bhC1EWR743w0000000ur00000000049xk
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:25 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        33192.168.2.44978213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:25 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:25 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:25 GMT
        Content-Type: text/xml
        Content-Length: 419
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
        ETag: "0x8DC582BB32BB5CB"
        x-ms-request-id: c3d74fa2-201e-0003-1d91-3ff85a000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002325Z-174f78459685726chC1EWRsnbg0000000uq000000000489r
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:25 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


        Session IDSource IPSource PortDestination IPDestination Port
        34192.168.2.44978313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:25 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:25 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:25 GMT
        Content-Type: text/xml
        Content-Length: 494
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
        ETag: "0x8DC582BB8972972"
        x-ms-request-id: baa0830a-001e-0082-4291-3f5880000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002325Z-174f78459688l8rvhC1EWRtzr000000007600000000046ys
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:25 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        35192.168.2.44978413.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:27 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:27 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:27 GMT
        Content-Type: text/xml
        Content-Length: 420
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
        ETag: "0x8DC582B9DAE3EC0"
        x-ms-request-id: d3507608-601e-003d-4b91-3f6f25000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002327Z-174f7845968j6t2phC1EWRcfe80000000uy0000000000qyh
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:27 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


        Session IDSource IPSource PortDestination IPDestination Port
        36192.168.2.44978613.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:27 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:27 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:27 GMT
        Content-Type: text/xml
        Content-Length: 427
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
        ETag: "0x8DC582BA909FA21"
        x-ms-request-id: 5810d2d2-301e-0000-6891-3feecc000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002327Z-174f7845968cpnpfhC1EWR3afc0000000ua0000000003x84
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:27 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


        Session IDSource IPSource PortDestination IPDestination Port
        37192.168.2.44978513.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:27 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:27 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:27 GMT
        Content-Type: text/xml
        Content-Length: 472
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
        ETag: "0x8DC582B9D43097E"
        x-ms-request-id: dc0e5a4e-901e-005b-0191-3f2005000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002327Z-174f7845968zgtf6hC1EWRqd8s0000000mng000000004kzp
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:27 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        38192.168.2.44978713.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:27 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:27 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:27 GMT
        Content-Type: text/xml
        Content-Length: 486
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
        ETag: "0x8DC582B92FCB436"
        x-ms-request-id: fac497c4-501e-008f-4391-3f9054000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002327Z-174f7845968qj8jrhC1EWRh41s0000000uq0000000003caw
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:27 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        39192.168.2.44978813.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:27 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:27 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:27 GMT
        Content-Type: text/xml
        Content-Length: 423
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
        ETag: "0x8DC582BB7564CE8"
        x-ms-request-id: dc0e6055-901e-005b-2d91-3f2005000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002327Z-174f7845968jrjrxhC1EWRmmrs0000000uqg0000000041xa
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:27 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


        Session IDSource IPSource PortDestination IPDestination Port
        40192.168.2.44978913.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:29 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:29 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:29 GMT
        Content-Type: text/xml
        Content-Length: 478
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
        ETag: "0x8DC582B9B233827"
        x-ms-request-id: 1fa1b817-401e-0067-5691-3f09c2000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002329Z-174f7845968ljs8phC1EWRe6en0000000ug0000000004n0t
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:29 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        41192.168.2.44979213.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:29 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:29 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:29 GMT
        Content-Type: text/xml
        Content-Length: 400
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
        ETag: "0x8DC582BB2D62837"
        x-ms-request-id: 6760f0bc-801e-002a-1f91-3f31dc000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002329Z-174f7845968cdxdrhC1EWRg0en0000000ugg0000000055c5
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:29 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


        Session IDSource IPSource PortDestination IPDestination Port
        42192.168.2.44979013.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:29 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:29 UTC491INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:29 GMT
        Content-Type: text/xml
        Content-Length: 404
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
        ETag: "0x8DC582B95C61A3C"
        x-ms-request-id: e52ede4a-001e-0017-0591-3f0c3c000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002329Z-174f7845968kvnqxhC1EWRmf3g0000000dm000000000016m
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        X-Cache-Info: L1_T2
        Accept-Ranges: bytes
        2024-11-26 00:23:29 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


        Session IDSource IPSource PortDestination IPDestination Port
        43192.168.2.44979113.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:29 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:29 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:29 GMT
        Content-Type: text/xml
        Content-Length: 468
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
        ETag: "0x8DC582BB046B576"
        x-ms-request-id: be7987d0-001e-0034-1e91-3fdd04000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002329Z-174f7845968kvnqxhC1EWRmf3g0000000dbg000000004dsw
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:29 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Session IDSource IPSource PortDestination IPDestination Port
        44192.168.2.44979313.107.246.63443
        TimestampBytes transferredDirectionData
        2024-11-26 00:23:29 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
        Connection: Keep-Alive
        Accept-Encoding: gzip
        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
        Host: otelrules.azureedge.net
        2024-11-26 00:23:30 UTC470INHTTP/1.1 200 OK
        Date: Tue, 26 Nov 2024 00:23:29 GMT
        Content-Type: text/xml
        Content-Length: 479
        Connection: close
        Cache-Control: public, max-age=604800, immutable
        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
        ETag: "0x8DC582BB7D702D0"
        x-ms-request-id: 8dfbf447-101e-0028-0f8e-3f8f64000000
        x-ms-version: 2018-03-28
        x-azure-ref: 20241126T002329Z-174f7845968zgtf6hC1EWRqd8s0000000mqg0000000035hr
        x-fd-int-roxy-purgeid: 0
        X-Cache: TCP_HIT
        Accept-Ranges: bytes
        2024-11-26 00:23:30 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


        Statistics

        CPU Usage

        Click to jump to process

        Memory Usage

        Click to jump to process

        Behavior

        Click to jump to process

        System Behavior

        General

        Target ID:0
        Start time:19:22:07
        Start date:25/11/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:2
        Start time:19:22:10
        Start date:25/11/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1548,i,9335674428999715768,9469686532170757699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:3
        Start time:19:22:12
        Start date:25/11/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nxsnsstwhbaf.apexhallechuca.com.au/?userid=bHN3ZXN0LXN5c0BudHRscy5jby5qcA=="
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true

        Disassembly

        No disassembly