ThreatHunt/backend/tests/test_csvs/08_sysmon_network.csv at main

mirror of https://github.com/mblanke/ThreatHunt.git synced 2026-03-01 14:00:20 -05:00

Files

2026-02-20 14:32:42 -05:00

302 KiB

Raw Permalink Blame History

1	Hostname	EventTime	EventID	Image	User	Protocol	SourceIp	SourcePort	DestinationIp	DestinationPort	DestinationHostname
2	HR-WS-001	2026-02-17T14:12:13.418Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.2.101	57098	129.202.97.224	3389
3	HR-WS-001	2026-02-12T02:54:59.451Z	3	C:\Windows\System32\svchost.exe	ACME\dlee	udp	10.10.2.101	51471	217.202.165.200	8080	google.com
4	HR-WS-001	2026-02-11T07:17:06.984Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	udp	10.10.2.101	58767	10.10.2.110	8080
5	HR-WS-001	2026-02-12T07:58:08.177Z	3	C:\Windows\System32\MsMpEng.exe	ACME\dlee	udp	10.10.2.101	61435	211.129.211.205	389
6	HR-WS-001	2026-02-13T06:27:10.565Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	tcp	10.10.2.101	55676	111.9.26.135	443
7	HR-WS-001	2026-02-12T10:18:09.171Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.2.101	64209	191.6.156.220	443
8	HR-WS-001	2026-02-11T09:12:38.045Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.2.101	49419	212.10.186.55	53
9	HR-WS-001	2026-02-14T19:50:24.649Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.2.101	49835	70.82.74.61	3389
10	HR-WS-001	2026-02-10T17:48:13.868Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	udp	10.10.2.101	52414	38.105.87.18	80
11	HR-WS-001	2026-02-13T06:22:37.124Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	tcp	10.10.2.101	50252	218.250.154.145	389
12	HR-WS-001	2026-02-20T10:55:36.723Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.2.101	59308	118.207.218.172	53
13	HR-WS-001	2026-02-13T17:45:27.852Z	3	C:\Windows\System32\services.exe	ACME\dlee	tcp	10.10.2.101	54540	10.10.2.128	445	pypi.org
14	HR-WS-001	2026-02-18T18:47:52.135Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.2.101	56629	10.10.3.162	8080
15	HR-WS-001	2026-02-18T20:28:15.108Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.2.101	56431	10.10.3.135	80
16	HR-WS-001	2026-02-14T11:33:31.574Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.2.101	64697	204.146.109.107	3389
17	HR-WS-001	2026-02-15T04:17:13.330Z	3	C:\Windows\System32\OneDrive.exe	ACME\dlee	tcp	10.10.2.101	59510	99.114.15.238	445
18	HR-WS-001	2026-02-14T22:58:46.021Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	tcp	10.10.2.101	52502	136.123.206.54	8080
19	HR-WS-001	2026-02-18T21:54:48.565Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	tcp	10.10.2.101	54830	10.10.2.173	3389
20	HR-WS-001	2026-02-20T13:24:29.766Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.2.101	53452	10.10.2.128	443
21	HR-WS-001	2026-02-11T14:24:11.114Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.2.101	53776	34.73.213.78	443
22	HR-WS-001	2026-02-14T17:17:45.542Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\dlee	udp	10.10.2.101	52691	10.10.1.157	3389
23	HR-WS-001	2026-02-11T15:10:47.242Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\dlee	udp	10.10.2.101	56836	32.248.132.61	389
24	HR-WS-001	2026-02-16T15:10:06.928Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	udp	10.10.2.101	61924	10.10.2.113	445
25	HR-WS-001	2026-02-13T08:59:26.480Z	3	C:\Windows\System32\svchost.exe	ACME\dlee	udp	10.10.2.101	52787	10.10.1.172	3389
26	HR-WS-001	2026-02-15T10:54:21.289Z	3	C:\Windows\System32\csrss.exe	ACME\dlee	udp	10.10.2.101	59834	10.10.2.119	8080
27	HR-WS-001	2026-02-19T21:53:44.488Z	3	C:\Windows\System32\csrss.exe	ACME\dlee	udp	10.10.2.101	50467	97.217.154.201	443
28	HR-WS-001	2026-02-20T16:21:19.296Z	3	C:\Windows\System32\teams.exe	ACME\dlee	tcp	10.10.2.101	60032	10.10.1.12	3389
29	HR-WS-001	2026-02-17T07:00:17.985Z	3	C:\Windows\System32\taskhostw.exe	ACME\dlee	tcp	10.10.2.101	50490	10.10.3.138	80
30	HR-WS-001	2026-02-12T18:37:58.835Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	tcp	10.10.2.101	57801	170.197.126.93	443
31	HR-WS-001	2026-02-11T00:37:31.607Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.2.101	51176	74.214.187.59	53
32	HR-WS-001	2026-02-16T07:05:02.332Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.2.101	50583	10.10.2.164	8080
33	HR-WS-001	2026-02-12T10:11:34.849Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	udp	10.10.2.101	64344	185.25.98.10	389
34	HR-WS-001	2026-02-19T12:23:29.035Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.2.101	57217	10.10.1.112	389
35	HR-WS-001	2026-02-19T00:26:20.454Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.2.101	53174	10.10.3.102	389
36	HR-WS-001	2026-02-14T19:58:21.475Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	udp	10.10.2.101	61649	52.36.187.73	53
37	HR-WS-001	2026-02-13T23:00:54.896Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	tcp	10.10.2.101	62300	10.10.1.109	53
38	HR-WS-001	2026-02-18T12:12:22.193Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	tcp	10.10.2.101	59092	122.100.247.10	80
39	HR-WS-001	2026-02-18T15:24:34.789Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.2.101	49356	10.10.3.168	389
40	HR-WS-001	2026-02-18T17:25:03.291Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	udp	10.10.2.101	62209	89.28.208.164	443
41	HR-WS-001	2026-02-20T04:27:56.403Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	tcp	10.10.2.101	56169	10.10.1.142	445	github.com
42	HR-WS-001	2026-02-11T16:21:40.646Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	tcp	10.10.2.101	65473	2.105.252.251	80
43	HR-WS-001	2026-02-12T20:29:02.895Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	udp	10.10.2.101	63642	61.202.214.212	445	time.windows.com
44	HR-WS-001	2026-02-10T19:04:59.598Z	3	C:\Windows\System32\services.exe	ACME\dlee	udp	10.10.2.101	56900	4.137.196.165	3389	googleapis.com
45	HR-WS-001	2026-02-17T03:14:59.881Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	udp	10.10.2.101	51951	147.96.140.69	53
46	HR-WS-001	2026-02-20T04:06:11.117Z	3	C:\Windows\System32\teams.exe	ACME\dlee	udp	10.10.2.101	60068	203.224.77.107	445
47	HR-WS-001	2026-02-15T18:20:07.376Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.2.101	63368	200.54.133.185	445	stackoverflow.com
48	HR-WS-001	2026-02-19T19:41:17.565Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.2.101	53193	69.6.45.182	443
49	HR-WS-001	2026-02-18T14:27:29.660Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.2.101	50169	10.10.3.138	53
50	FIN-WS-002	2026-02-18T11:54:42.686Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.102	62430	10.10.3.135	53
51	FIN-WS-002	2026-02-16T01:53:38.423Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.3.102	52733	10.10.1.121	53
52	FIN-WS-002	2026-02-16T06:47:15.709Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	udp	10.10.3.102	50108	10.10.1.10	445	www.bet365.com
53	FIN-WS-002	2026-02-10T15:39:44.401Z	3	C:\Windows\System32\System	ACME\bwilson	tcp	10.10.3.102	53998	10.10.3.108	53
54	FIN-WS-002	2026-02-20T15:50:23.138Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	udp	10.10.3.102	60600	180.224.34.80	389
55	FIN-WS-002	2026-02-16T19:07:41.052Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	udp	10.10.3.102	59094	10.10.1.115	8080
56	FIN-WS-002	2026-02-14T12:52:40.266Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.3.102	51424	167.158.209.170	443
57	FIN-WS-002	2026-02-11T19:10:41.637Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.3.102	51329	35.170.211.149	445
58	FIN-WS-002	2026-02-12T04:45:41.075Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.102	58733	10.10.3.114	445
59	FIN-WS-002	2026-02-16T15:45:17.731Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.3.102	58162	125.176.62.54	53
60	FIN-WS-002	2026-02-20T01:06:28.687Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.3.102	53642	87.19.21.191	389	graph.microsoft.com
61	FIN-WS-002	2026-02-20T12:30:06.088Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.3.102	58698	32.54.68.28	80
62	FIN-WS-002	2026-02-18T09:28:11.355Z	3	C:\Windows\System32\code.exe	ACME\bwilson	udp	10.10.3.102	57515	101.86.192.162	445	npmjs.com
63	FIN-WS-002	2026-02-20T07:22:20.659Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.102	60376	185.81.172.242	443
64	FIN-WS-002	2026-02-11T03:49:45.518Z	3	C:\Windows\System32\services.exe	ACME\bwilson	udp	10.10.3.102	59336	56.62.33.80	445
65	FIN-WS-002	2026-02-11T03:32:24.215Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.3.102	49718	178.231.4.66	445
66	FIN-WS-002	2026-02-18T05:21:18.597Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	tcp	10.10.3.102	58224	212.117.175.224	53
67	FIN-WS-002	2026-02-12T10:28:01.513Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.102	63511	10.10.2.167	53
68	FIN-WS-002	2026-02-14T22:27:38.140Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.102	49352	68.230.212.214	389
69	FIN-WS-002	2026-02-11T20:56:34.314Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.102	58053	193.51.248.16	80	github.com
70	FIN-WS-002	2026-02-20T02:17:06.846Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	udp	10.10.3.102	57078	216.10.44.199	443
71	FIN-WS-002	2026-02-15T10:41:36.351Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.102	49758	10.10.3.105	445
72	SLS-WS-003	2026-02-13T05:53:24.609Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.1.103	50796	170.171.217.93	8080
73	SLS-WS-003	2026-02-18T16:12:06.047Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.1.103	59556	127.42.210.18	443
74	SLS-WS-003	2026-02-17T14:38:59.958Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.103	52231	145.169.132.225	8080	stackoverflow.com
75	SLS-WS-003	2026-02-15T14:45:41.535Z	3	C:\Windows\System32\smss.exe	ACME\admin	tcp	10.10.1.103	57064	133.56.142.199	80
76	SLS-WS-003	2026-02-14T15:10:28.413Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.103	62292	10.10.1.175	3389
77	SLS-WS-003	2026-02-10T17:04:38.242Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.103	52217	10.10.1.148	8080	googleapis.com
78	SLS-WS-003	2026-02-14T12:24:46.125Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.1.103	64662	10.10.3.171	80
79	SLS-WS-003	2026-02-17T03:17:15.256Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.1.103	59426	124.84.21.49	80
80	SLS-WS-003	2026-02-13T22:08:00.547Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	tcp	10.10.1.103	62203	174.117.244.39	443
81	SLS-WS-003	2026-02-11T02:34:20.930Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	tcp	10.10.1.103	50145	10.10.2.116	389
82	SLS-WS-003	2026-02-11T07:29:29.783Z	3	C:\Windows\System32\services.exe	ACME\admin	tcp	10.10.1.103	52328	10.10.3.135	80
83	SLS-WS-003	2026-02-19T15:25:38.315Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	tcp	10.10.1.103	54594	134.13.232.120	80
84	SLS-WS-003	2026-02-16T16:20:01.604Z	3	C:\Windows\System32\cmd.exe	ACME\admin	udp	10.10.1.103	56550	10.10.2.161	389
85	SLS-WS-003	2026-02-16T18:58:12.021Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.1.103	54820	64.166.141.221	8080
86	SLS-WS-003	2026-02-14T09:44:16.417Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.103	60426	185.24.4.49	445
87	SLS-WS-003	2026-02-20T03:07:51.152Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.103	65372	10.35.169.17	389
88	SLS-WS-003	2026-02-14T11:07:52.229Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.103	61092	10.10.3.138	445
89	SLS-WS-003	2026-02-19T08:32:16.946Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.1.103	59304	10.10.1.118	8080
90	SLS-WS-003	2026-02-12T03:58:54.794Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.1.103	60610	82.227.36.70	443
91	SLS-WS-003	2026-02-16T05:52:22.299Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.1.103	63945	10.10.1.11	53	akamai.net
92	SLS-WS-003	2026-02-14T23:09:15.086Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.103	60971	86.211.213.135	53
93	SLS-WS-003	2026-02-12T07:04:50.497Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.103	53620	44.96.76.71	443
94	SLS-WS-003	2026-02-20T10:36:23.586Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.103	50339	149.144.99.158	80	akamai.net
95	SLS-WS-003	2026-02-10T23:25:53.047Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.1.103	50478	147.152.59.80	80
96	SLS-WS-003	2026-02-11T19:07:18.436Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.1.103	52326	212.133.49.146	80	time.windows.com
97	SLS-WS-003	2026-02-16T19:43:37.961Z	3	C:\Windows\System32\lsass.exe	ACME\admin	tcp	10.10.1.103	62720	10.10.3.123	389
98	SLS-WS-003	2026-02-15T03:49:07.302Z	3	C:\Windows\System32\powershell.exe	ACME\admin	tcp	10.10.1.103	64621	10.10.1.172	53
99	SLS-WS-003	2026-02-11T13:28:52.502Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.1.103	54906	113.106.1.178	80
100	SLS-WS-003	2026-02-14T13:05:38.586Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	udp	10.10.1.103	62046	174.69.247.155	53
101	SLS-WS-003	2026-02-12T07:41:35.787Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.1.103	64192	10.10.1.157	443	teams.microsoft.com
102	SLS-WS-003	2026-02-13T14:22:34.417Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.103	64545	56.187.147.187	53
103	SLS-WS-003	2026-02-19T19:14:56.900Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.103	61392	75.159.114.31	445	stackoverflow.com
104	ENG-WS-004	2026-02-10T08:57:22.674Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.2.104	61806	10.10.3.138	3389
105	ENG-WS-004	2026-02-18T05:30:30.455Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.2.104	64805	77.17.240.35	389
106	ENG-WS-004	2026-02-13T15:40:14.906Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.2.104	65215	27.249.11.139	445
107	ENG-WS-004	2026-02-16T22:33:45.347Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.2.104	63099	10.10.3.102	80
108	ENG-WS-004	2026-02-19T02:18:32.303Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.2.104	54747	10.10.3.108	443
109	ENG-WS-004	2026-02-18T15:54:45.019Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	tcp	10.10.2.104	56103	130.48.233.145	80
110	ENG-WS-004	2026-02-16T11:27:37.322Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.2.104	63515	10.10.1.115	389	windowsupdate.com
111	ENG-WS-004	2026-02-14T20:23:24.889Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	tcp	10.10.2.104	62488	98.250.48.194	3389
112	ENG-WS-004	2026-02-20T15:22:56.159Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.2.104	53675	127.21.27.114	445	www.bet365.com
113	ENG-WS-004	2026-02-19T14:24:03.921Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	tcp	10.10.2.104	62360	10.10.3.10	8080
114	ENG-WS-004	2026-02-16T02:32:15.810Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.2.104	53887	28.219.243.53	445
115	ENG-WS-004	2026-02-13T17:00:41.496Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.2.104	52852	189.47.229.129	443	graph.microsoft.com
116	ENG-WS-004	2026-02-10T11:09:28.603Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.2.104	57875	10.10.3.132	389
117	ENG-WS-004	2026-02-18T05:50:21.089Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.2.104	52366	129.233.247.26	3389
118	ENG-WS-004	2026-02-16T11:42:35.048Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	tcp	10.10.2.104	62906	153.119.110.184	389
119	ENG-WS-004	2026-02-19T19:24:57.160Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.2.104	61958	69.81.60.81	80
120	ENG-WS-004	2026-02-15T09:47:31.187Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	udp	10.10.2.104	60666	10.10.3.120	443
121	ENG-WS-004	2026-02-12T17:04:22.923Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.2.104	62965	10.10.2.11	8080
122	ENG-WS-004	2026-02-12T12:55:43.310Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	tcp	10.10.2.104	57740	10.10.2.158	443
123	ENG-WS-004	2026-02-12T19:50:18.916Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	tcp	10.10.2.104	64150	10.10.1.12	80
124	ENG-WS-004	2026-02-14T20:59:55.023Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.2.104	59230	10.10.1.163	389
125	ENG-WS-004	2026-02-11T03:54:20.207Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	tcp	10.10.2.104	62286	81.196.128.254	445
126	ENG-WS-004	2026-02-13T19:23:13.893Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.2.104	60775	10.10.1.12	8080
127	ENG-WS-004	2026-02-14T12:33:47.329Z	3	C:\Windows\System32\services.exe	ACME\bwilson	tcp	10.10.2.104	51070	152.26.38.169	445
128	ENG-WS-004	2026-02-19T01:27:04.926Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.2.104	63241	10.10.1.127	443
129	ENG-WS-004	2026-02-12T12:23:21.284Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.2.104	62893	10.10.2.11	80
130	ENG-WS-004	2026-02-19T06:21:43.593Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	udp	10.10.2.104	55857	10.10.1.124	445
131	ENG-WS-004	2026-02-18T15:20:19.785Z	3	C:\Windows\System32\services.exe	ACME\bwilson	tcp	10.10.2.104	49748	192.132.182.135	445
132	ENG-WS-004	2026-02-14T15:09:12.350Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.104	52624	12.168.192.79	53
133	ENG-WS-004	2026-02-17T15:27:34.619Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.2.104	59508	10.10.1.103	8080
134	ENG-WS-004	2026-02-20T10:57:22.304Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.2.104	59184	10.10.2.143	389
135	ENG-WS-004	2026-02-16T06:31:33.310Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.2.104	54597	222.93.49.78	8080
136	ENG-WS-004	2026-02-18T02:06:11.249Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.2.104	51596	10.10.3.147	3389
137	ENG-WS-004	2026-02-14T18:45:14.844Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.2.104	62979	13.25.90.182	445
138	ENG-WS-004	2026-02-19T06:03:06.488Z	3	C:\Windows\System32\services.exe	ACME\bwilson	tcp	10.10.2.104	64342	41.215.192.35	8080
139	ENG-WS-004	2026-02-14T02:08:34.983Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	udp	10.10.2.104	52538	10.10.1.12	53
140	ENG-WS-004	2026-02-18T20:33:04.610Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.2.104	64367	169.59.39.218	8080
141	ENG-WS-004	2026-02-14T19:09:56.918Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	tcp	10.10.2.104	57365	10.10.1.166	53
142	ENG-WS-004	2026-02-12T16:52:01.848Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.2.104	57473	206.36.198.145	80
143	ENG-WS-004	2026-02-11T09:14:57.135Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.2.104	64451	10.10.1.142	80
144	ENG-WS-004	2026-02-13T19:51:57.659Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.104	56661	153.42.93.238	53
145	ENG-WS-004	2026-02-14T12:47:16.117Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	tcp	10.10.2.104	50636	10.10.2.155	445
146	LEG-WS-005	2026-02-18T14:50:14.740Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	tcp	10.10.3.105	51441	10.10.3.120	8080	graph.microsoft.com
147	LEG-WS-005	2026-02-18T11:24:55.180Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.3.105	60138	34.14.46.92	53
148	LEG-WS-005	2026-02-17T01:24:15.047Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	tcp	10.10.3.105	50849	185.77.237.252	53
149	LEG-WS-005	2026-02-18T17:33:01.533Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.3.105	57417	134.241.208.75	389
150	LEG-WS-005	2026-02-18T23:49:19.418Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	udp	10.10.3.105	58213	10.10.3.114	80
151	LEG-WS-005	2026-02-11T03:25:19.142Z	3	C:\Windows\System32\winlogon.exe	ACME\fthompson	udp	10.10.3.105	62456	38.54.54.33	443
152	LEG-WS-005	2026-02-18T04:50:30.698Z	3	C:\Windows\System32\dwm.exe	ACME\fthompson	udp	10.10.3.105	59940	10.10.3.135	8080
153	LEG-WS-005	2026-02-18T21:48:59.480Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	udp	10.10.3.105	62603	220.210.177.224	443
154	LEG-WS-005	2026-02-17T16:32:46.029Z	3	C:\Windows\System32\notepad.exe	ACME\fthompson	udp	10.10.3.105	50573	73.98.74.160	3389
155	LEG-WS-005	2026-02-11T06:51:47.601Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	udp	10.10.3.105	52201	10.10.1.13	53
156	LEG-WS-005	2026-02-11T15:01:11.095Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	tcp	10.10.3.105	49446	197.3.104.127	389
157	LEG-WS-005	2026-02-19T03:00:31.873Z	3	C:\Windows\System32\services.exe	ACME\fthompson	udp	10.10.3.105	63807	10.10.2.164	80
158	LEG-WS-005	2026-02-15T12:10:56.358Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.3.105	62539	10.10.2.125	8080
159	LEG-WS-005	2026-02-16T18:50:49.727Z	3	C:\Windows\System32\services.exe	ACME\fthompson	tcp	10.10.3.105	60171	10.10.1.166	80
160	LEG-WS-005	2026-02-14T01:33:56.857Z	3	C:\Windows\System32\System	ACME\fthompson	tcp	10.10.3.105	56203	216.14.160.153	8080
161	LEG-WS-005	2026-02-10T21:41:11.262Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.3.105	61086	222.207.68.187	8080
162	LEG-WS-005	2026-02-13T05:05:14.928Z	3	C:\Windows\System32\dwm.exe	ACME\fthompson	udp	10.10.3.105	64894	120.17.122.59	445
163	LEG-WS-005	2026-02-10T22:09:27.748Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.3.105	51327	108.228.2.109	80
164	LEG-WS-005	2026-02-18T08:28:23.141Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	udp	10.10.3.105	60662	10.10.3.123	80
165	LEG-WS-005	2026-02-18T14:14:37.343Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.3.105	63539	10.10.3.126	8080
166	LEG-WS-005	2026-02-18T20:10:17.823Z	3	C:\Windows\System32\MsMpEng.exe	ACME\fthompson	tcp	10.10.3.105	60114	10.10.2.11	389
167	LEG-WS-005	2026-02-13T07:05:36.783Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	udp	10.10.3.105	51081	10.10.2.11	445
168	LEG-WS-005	2026-02-15T14:49:21.396Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.3.105	61467	143.172.106.145	389
169	LEG-WS-005	2026-02-14T01:00:56.046Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	udp	10.10.3.105	52473	65.40.32.207	3389
170	LEG-WS-005	2026-02-13T22:18:56.598Z	3	C:\Windows\System32\explorer.exe	ACME\fthompson	tcp	10.10.3.105	62392	111.151.108.181	389
171	LEG-WS-005	2026-02-15T02:01:21.205Z	3	C:\Program Files\msedge.exe	ACME\fthompson	udp	10.10.3.105	62468	71.72.197.219	8080
172	LEG-WS-005	2026-02-19T14:53:59.345Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.3.105	58277	64.126.18.16	8080
173	LEG-WS-005	2026-02-14T19:15:30.319Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.3.105	57086	122.242.60.95	80
174	LEG-WS-005	2026-02-11T09:32:57.599Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.3.105	63352	75.80.33.27	3389
175	LEG-WS-005	2026-02-19T08:21:10.244Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	udp	10.10.3.105	61078	108.3.253.11	80
176	MKT-WS-006	2026-02-11T09:06:08.101Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.1.106	49465	10.10.2.143	3389
177	MKT-WS-006	2026-02-15T04:22:31.546Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.106	50333	92.193.230.78	389
178	MKT-WS-006	2026-02-11T00:58:51.884Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	tcp	10.10.1.106	55651	10.10.1.166	80
179	MKT-WS-006	2026-02-15T23:16:08.262Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.1.106	59364	159.41.153.68	53
180	MKT-WS-006	2026-02-13T21:39:11.068Z	3	C:\Windows\System32\explorer.exe	ACME\svc_sql	udp	10.10.1.106	57383	63.70.244.183	443
181	MKT-WS-006	2026-02-20T11:43:01.277Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_sql	tcp	10.10.1.106	64563	146.71.69.128	53
182	MKT-WS-006	2026-02-15T15:03:42.804Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.1.106	53449	10.10.1.11	3389
183	MKT-WS-006	2026-02-19T18:28:51.577Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.1.106	63369	83.98.59.194	8080	dc-01.acme.local
184	MKT-WS-006	2026-02-10T18:28:30.095Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	udp	10.10.1.106	53898	10.10.2.155	80
185	MKT-WS-006	2026-02-18T14:51:41.917Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	tcp	10.10.1.106	51131	10.10.2.137	53
186	MKT-WS-006	2026-02-13T10:47:08.470Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.1.106	56415	10.10.1.121	443
187	EXEC-WS-007	2026-02-13T12:09:18.115Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.107	58327	200.183.17.226	389
188	EXEC-WS-007	2026-02-17T22:00:44.514Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.2.107	58850	182.96.77.218	8080
189	EXEC-WS-007	2026-02-12T20:19:33.942Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.2.107	53144	10.10.2.137	53
190	EXEC-WS-007	2026-02-13T21:41:57.043Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.107	60784	10.10.1.106	53
191	EXEC-WS-007	2026-02-15T02:48:19.566Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.2.107	58114	10.10.3.135	3389
192	EXEC-WS-007	2026-02-11T14:55:06.475Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.2.107	56462	202.171.108.181	80
193	EXEC-WS-007	2026-02-19T05:46:27.422Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.107	52468	54.74.41.231	8080
194	EXEC-WS-007	2026-02-12T11:43:44.047Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	tcp	10.10.2.107	50138	10.10.1.112	443
195	EXEC-WS-007	2026-02-14T21:16:01.685Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	tcp	10.10.2.107	52281	154.127.111.252	80
196	EXEC-WS-007	2026-02-12T23:56:30.594Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.107	50367	10.10.3.102	53
197	EXEC-WS-007	2026-02-14T14:38:41.172Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.107	59459	10.10.2.149	8080
198	EXEC-WS-007	2026-02-20T01:51:43.906Z	3	C:\Windows\System32\powershell.exe	ACME\admin	tcp	10.10.2.107	61766	97.79.74.225	53
199	EXEC-WS-007	2026-02-10T11:46:43.837Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.2.107	61020	90.136.159.111	80
200	EXEC-WS-007	2026-02-12T06:10:56.944Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.2.107	64910	10.10.1.112	445
201	EXEC-WS-007	2026-02-16T14:30:21.178Z	3	C:\Windows\System32\services.exe	ACME\admin	udp	10.10.2.107	62845	33.186.95.54	443
202	EXEC-WS-007	2026-02-11T17:49:22.397Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.107	49561	35.174.17.125	8080
203	EXEC-WS-007	2026-02-11T15:45:19.621Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.2.107	59664	10.10.2.119	389
204	EXEC-WS-007	2026-02-12T11:18:42.764Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.107	60661	10.10.2.161	443
205	EXEC-WS-007	2026-02-19T10:44:51.829Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	tcp	10.10.2.107	63644	178.206.224.117	389
206	EXEC-WS-007	2026-02-19T12:13:25.390Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.2.107	62395	10.10.3.153	3389
207	EXEC-WS-007	2026-02-15T19:34:22.462Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.2.107	55606	10.10.3.144	3389
208	EXEC-WS-007	2026-02-13T12:31:10.383Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.107	54124	157.236.18.237	445
209	EXEC-WS-007	2026-02-13T03:47:43.421Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	udp	10.10.2.107	65208	174.118.202.80	445
210	EXEC-WS-007	2026-02-14T06:46:06.221Z	3	C:\Windows\System32\notepad.exe	ACME\admin	tcp	10.10.2.107	51178	87.141.62.129	389
211	EXEC-WS-007	2026-02-15T06:57:11.552Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.2.107	60782	6.224.199.73	443
212	EXEC-WS-007	2026-02-13T16:23:02.679Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.107	50075	10.10.1.124	80
213	EXEC-WS-007	2026-02-10T20:40:37.167Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.2.107	64565	10.10.2.161	389
214	EXEC-WS-007	2026-02-19T10:43:29.119Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.2.107	62396	10.10.1.115	443	time.windows.com
215	EXEC-WS-007	2026-02-20T12:27:10.761Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.107	61754	10.10.2.155	80
216	IT-WS-008	2026-02-20T01:07:49.805Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	udp	10.10.3.108	59527	61.123.200.36	80
217	IT-WS-008	2026-02-17T08:37:47.374Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.108	60469	11.150.237.251	80
218	IT-WS-008	2026-02-15T00:00:40.205Z	3	C:\Windows\System32\powershell.exe	ACME\hbrown	tcp	10.10.3.108	49663	10.10.2.173	445
219	IT-WS-008	2026-02-14T09:12:26.997Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.108	51144	10.10.2.149	3389
220	IT-WS-008	2026-02-16T18:55:31.623Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	udp	10.10.3.108	63063	10.10.3.159	53
221	IT-WS-008	2026-02-14T14:19:45.199Z	3	C:\Windows\System32\taskhostw.exe	ACME\hbrown	tcp	10.10.3.108	64965	132.66.112.229	80
222	IT-WS-008	2026-02-12T19:13:17.206Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.3.108	56906	73.60.185.107	80
223	IT-WS-008	2026-02-19T22:14:13.251Z	3	C:\Windows\System32\teams.exe	ACME\hbrown	udp	10.10.3.108	65251	149.24.17.61	8080	akamai.net
224	IT-WS-008	2026-02-20T11:22:39.601Z	3	C:\Windows\System32\smss.exe	ACME\hbrown	tcp	10.10.3.108	50869	10.10.1.12	445
225	IT-WS-008	2026-02-17T00:01:39.195Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	udp	10.10.3.108	64820	38.17.4.51	3389
226	IT-WS-008	2026-02-12T20:31:47.285Z	3	C:\Windows\System32\explorer.exe	ACME\hbrown	tcp	10.10.3.108	55894	10.10.3.120	80
227	IT-WS-008	2026-02-11T20:53:29.074Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.108	62348	10.10.3.153	80
228	IT-WS-008	2026-02-12T07:28:15.973Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.3.108	62970	166.250.62.217	80
229	IT-WS-008	2026-02-20T14:15:22.302Z	3	C:\Windows\System32\explorer.exe	ACME\hbrown	udp	10.10.3.108	49856	139.94.190.104	8080
230	IT-WS-008	2026-02-10T21:49:37.113Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.3.108	62677	10.10.3.102	80
231	IT-WS-008	2026-02-12T21:20:48.222Z	3	C:\Windows\System32\winlogon.exe	ACME\hbrown	tcp	10.10.3.108	58184	140.51.86.212	53
232	IT-WS-008	2026-02-15T17:13:17.195Z	3	C:\Windows\System32\MsMpEng.exe	ACME\hbrown	udp	10.10.3.108	54974	10.10.3.162	8080
233	IT-WS-008	2026-02-14T21:29:41.660Z	3	C:\Windows\System32\cmd.exe	ACME\hbrown	tcp	10.10.3.108	64806	10.10.3.156	445
234	IT-WS-008	2026-02-17T09:35:30.069Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	tcp	10.10.3.108	58451	66.61.209.56	443	login.microsoftonline.com
235	IT-WS-008	2026-02-20T13:16:29.035Z	3	C:\Windows\System32\SearchHost.exe	ACME\hbrown	udp	10.10.3.108	58429	167.61.62.219	53
236	IT-WS-008	2026-02-18T05:07:47.218Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	tcp	10.10.3.108	58013	10.10.3.174	53
237	IT-WS-008	2026-02-10T08:36:38.517Z	3	C:\Windows\System32\SearchHost.exe	ACME\hbrown	tcp	10.10.3.108	56288	10.10.3.132	3389
238	IT-WS-008	2026-02-18T04:13:21.452Z	3	C:\Windows\System32\winlogon.exe	ACME\hbrown	tcp	10.10.3.108	61621	156.120.93.161	445
239	IT-WS-008	2026-02-14T00:31:09.804Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	tcp	10.10.3.108	65413	153.189.104.222	80
240	IT-WS-008	2026-02-14T05:20:58.482Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.108	53566	182.162.46.174	53
241	IT-WS-008	2026-02-18T05:52:36.140Z	3	C:\Windows\System32\services.exe	ACME\hbrown	udp	10.10.3.108	52157	64.0.241.32	8080
242	IT-WS-008	2026-02-17T05:08:40.902Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	udp	10.10.3.108	53169	80.35.53.180	80
243	IT-WS-008	2026-02-17T16:49:11.484Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	tcp	10.10.3.108	61927	164.2.217.177	445
244	IT-WS-008	2026-02-13T07:02:42.440Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	tcp	10.10.3.108	52585	221.240.224.131	445
245	IT-WS-008	2026-02-14T02:49:07.106Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.108	50119	10.10.2.131	389
246	IT-WS-008	2026-02-13T19:35:22.423Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	udp	10.10.3.108	61482	10.10.3.114	53
247	IT-WS-008	2026-02-11T10:42:26.979Z	3	C:\Windows\System32\outlook.exe	ACME\hbrown	tcp	10.10.3.108	59811	183.134.200.151	389
248	IT-WS-008	2026-02-12T09:04:16.891Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	tcp	10.10.3.108	63264	10.10.3.126	443	dc-02.acme.local
249	IT-WS-008	2026-02-11T01:34:14.907Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	tcp	10.10.3.108	52766	35.128.10.29	80	npmjs.com
250	IT-WS-008	2026-02-13T07:10:47.820Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.3.108	52379	158.227.122.190	53
251	IT-WS-008	2026-02-12T07:28:53.908Z	3	C:\Windows\System32\taskhostw.exe	ACME\hbrown	udp	10.10.3.108	63752	143.204.243.226	8080
252	IT-WS-008	2026-02-18T14:14:01.404Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	udp	10.10.3.108	56651	27.189.128.10	80
253	IT-WS-008	2026-02-14T10:37:18.506Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.108	64267	10.10.2.128	53
254	IT-WS-008	2026-02-19T22:58:13.097Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.3.108	65310	10.10.2.143	80
255	IT-WS-008	2026-02-10T16:41:49.069Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.108	59675	220.188.191.122	3389
256	IT-WS-008	2026-02-19T20:16:52.056Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.3.108	54926	10.10.3.129	80
257	IT-WS-008	2026-02-19T10:40:26.627Z	3	C:\Windows\System32\winlogon.exe	ACME\hbrown	udp	10.10.3.108	57418	126.211.231.179	3389	teams.microsoft.com
258	IT-WS-008	2026-02-18T17:13:57.715Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.3.108	61790	57.1.55.39	445
259	IT-WS-008	2026-02-15T01:33:44.282Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	tcp	10.10.3.108	63207	10.10.2.134	445
260	IT-WS-008	2026-02-19T15:33:32.592Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	udp	10.10.3.108	53512	117.33.221.38	445
261	IT-WS-008	2026-02-20T04:24:53.575Z	3	C:\Windows\System32\MsMpEng.exe	ACME\hbrown	udp	10.10.3.108	62513	10.10.2.11	3389
262	IT-WS-008	2026-02-19T01:56:22.230Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.3.108	60487	10.10.2.146	443	akamai.net
263	IT-WS-008	2026-02-15T20:42:06.420Z	3	C:\Windows\System32\cmd.exe	ACME\hbrown	tcp	10.10.3.108	63877	6.246.142.51	8080	aws.amazon.com
264	IT-WS-008	2026-02-13T07:30:13.236Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.3.108	58971	93.109.116.91	53
265	HR-WS-009	2026-02-10T17:10:17.626Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	tcp	10.10.1.109	65103	39.6.49.191	389
266	HR-WS-009	2026-02-15T23:53:26.360Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	udp	10.10.1.109	57686	207.62.220.134	443
267	HR-WS-009	2026-02-10T21:51:08.842Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	tcp	10.10.1.109	57765	10.10.1.172	8080	exch-01.acme.local
268	HR-WS-009	2026-02-16T05:50:56.515Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.1.109	64269	136.237.3.65	443
269	HR-WS-009	2026-02-16T17:50:49.476Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.1.109	55345	50.167.52.146	8080
270	HR-WS-009	2026-02-12T20:45:53.101Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.1.109	56034	7.186.125.242	445
271	HR-WS-009	2026-02-13T17:34:28.318Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	tcp	10.10.1.109	60278	53.117.167.191	389
272	HR-WS-009	2026-02-11T00:43:19.803Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.109	62604	10.10.1.12	445
273	HR-WS-009	2026-02-14T15:46:10.341Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	udp	10.10.1.109	58754	35.93.236.51	445	draftkings.com
274	HR-WS-009	2026-02-20T10:07:46.942Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	tcp	10.10.1.109	53769	123.30.150.214	389
275	HR-WS-009	2026-02-15T10:08:59.683Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	tcp	10.10.1.109	49772	10.10.3.126	53
276	HR-WS-009	2026-02-20T15:31:55.158Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.109	49510	11.58.124.216	53
277	HR-WS-009	2026-02-16T08:53:32.022Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	udp	10.10.1.109	56245	10.10.2.143	80	outlook.office365.com
278	HR-WS-009	2026-02-12T01:31:57.131Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.1.109	59558	10.10.1.130	53
279	HR-WS-009	2026-02-11T02:31:55.202Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	tcp	10.10.1.109	63129	19.4.127.39	389
280	HR-WS-009	2026-02-10T11:37:29.782Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.109	51767	10.10.2.104	3389
281	HR-WS-009	2026-02-18T01:29:40.871Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	udp	10.10.1.109	60631	10.10.3.153	3389
282	HR-WS-009	2026-02-17T22:26:44.603Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.109	49458	100.37.19.249	53
283	FIN-WS-010	2026-02-18T08:13:39.468Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.2.110	56764	146.93.108.11	53
284	FIN-WS-010	2026-02-14T09:02:50.715Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.2.110	59714	19.114.13.215	8080
285	FIN-WS-010	2026-02-14T22:10:46.563Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	tcp	10.10.2.110	55124	158.192.67.82	445	windowsupdate.com
286	FIN-WS-010	2026-02-19T19:41:24.103Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.110	62985	36.231.120.124	80
287	FIN-WS-010	2026-02-13T20:48:16.758Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.2.110	65280	29.194.32.50	389	pokerstars.com
288	FIN-WS-010	2026-02-15T01:24:40.860Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.2.110	61159	10.10.2.125	53
289	FIN-WS-010	2026-02-11T06:54:49.979Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.110	58876	10.10.3.10	80	cdn.jsdelivr.net
290	FIN-WS-010	2026-02-12T02:51:01.707Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.2.110	51914	10.10.3.111	80	cdn.jsdelivr.net
291	FIN-WS-010	2026-02-14T04:22:19.863Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	tcp	10.10.2.110	49469	10.10.1.106	443
292	FIN-WS-010	2026-02-17T02:54:29.548Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.110	54279	10.10.2.152	80
293	FIN-WS-010	2026-02-19T17:10:38.732Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.110	57724	10.10.1.136	443
294	FIN-WS-010	2026-02-14T12:52:07.222Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	tcp	10.10.2.110	58841	129.161.24.254	53	cloudflare.com
295	FIN-WS-010	2026-02-13T16:45:37.899Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	tcp	10.10.2.110	56563	10.10.3.141	443
296	FIN-WS-010	2026-02-11T15:28:50.389Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	tcp	10.10.2.110	53564	71.192.156.57	80
297	FIN-WS-010	2026-02-11T12:31:00.380Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.2.110	63026	10.10.2.146	443	www.bet365.com
298	FIN-WS-010	2026-02-16T03:04:40.407Z	3	C:\Windows\System32\services.exe	ACME\svc_web	tcp	10.10.2.110	57417	10.10.2.125	389	dc-01.acme.local
299	FIN-WS-010	2026-02-11T07:49:44.691Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.2.110	60560	103.4.61.115	53
300	FIN-WS-010	2026-02-14T01:25:13.726Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.2.110	63157	9.112.38.108	445
301	FIN-WS-010	2026-02-10T12:43:39.462Z	3	C:\Windows\System32\svchost.exe	ACME\svc_web	tcp	10.10.2.110	53150	172.213.3.30	3389
302	FIN-WS-010	2026-02-13T10:11:55.428Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.110	50388	10.10.3.144	389
303	FIN-WS-010	2026-02-11T00:52:25.341Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	tcp	10.10.2.110	50038	86.5.100.206	53
304	FIN-WS-010	2026-02-10T12:16:59.930Z	3	C:\Windows\System32\System	ACME\svc_web	udp	10.10.2.110	62910	10.10.3.117	443	draftkings.com
305	FIN-WS-010	2026-02-11T08:55:41.304Z	3	C:\Windows\System32\System	ACME\svc_web	udp	10.10.2.110	56709	128.118.156.57	8080
306	FIN-WS-010	2026-02-16T21:06:24.026Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.110	57146	51.248.215.218	389	pokerstars.com
307	FIN-WS-010	2026-02-20T07:30:25.346Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.2.110	60745	10.10.2.122	53
308	FIN-WS-010	2026-02-17T13:40:41.066Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.110	51508	10.10.3.156	443
309	FIN-WS-010	2026-02-11T15:52:35.124Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.110	53482	8.241.140.224	3389
310	FIN-WS-010	2026-02-17T09:34:01.084Z	3	C:\Windows\System32\teams.exe	ACME\svc_web	udp	10.10.2.110	49422	193.70.95.32	3389
311	FIN-WS-010	2026-02-20T16:51:42.843Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	udp	10.10.2.110	50146	209.70.242.204	80
312	FIN-WS-010	2026-02-11T11:18:39.689Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	tcp	10.10.2.110	61795	10.10.3.168	8080
313	FIN-WS-010	2026-02-12T07:01:55.113Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_web	tcp	10.10.2.110	57089	10.10.1.160	389
314	FIN-WS-010	2026-02-11T20:20:51.138Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_web	udp	10.10.2.110	60117	10.10.2.152	3389
315	FIN-WS-010	2026-02-18T19:20:47.814Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.110	56474	170.241.82.220	445
316	FIN-WS-010	2026-02-18T05:35:56.030Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.2.110	52062	190.150.95.189	389
317	FIN-WS-010	2026-02-17T15:26:41.698Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	udp	10.10.2.110	59639	10.10.3.141	3389
318	FIN-WS-010	2026-02-12T03:19:16.290Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.110	56335	3.12.128.238	8080
319	FIN-WS-010	2026-02-14T10:01:40.237Z	3	C:\Windows\System32\teams.exe	ACME\svc_web	tcp	10.10.2.110	65232	144.193.146.241	445
320	FIN-WS-010	2026-02-17T03:58:22.908Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	tcp	10.10.2.110	57143	10.10.3.129	445
321	FIN-WS-010	2026-02-11T02:01:06.526Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.2.110	51622	20.216.250.38	80
322	FIN-WS-010	2026-02-18T04:24:22.479Z	3	C:\Windows\System32\System	ACME\svc_web	udp	10.10.2.110	65078	10.10.1.148	8080	acme.local
323	FIN-WS-010	2026-02-15T08:53:29.537Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.110	64690	10.10.3.162	389
324	SLS-WS-011	2026-02-12T09:41:58.267Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	udp	10.10.3.111	63723	52.120.247.64	445
325	SLS-WS-011	2026-02-18T20:35:26.461Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.111	53155	10.10.3.150	389
326	SLS-WS-011	2026-02-11T19:30:22.302Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.111	60886	10.10.2.113	445
327	SLS-WS-011	2026-02-12T10:57:44.301Z	3	C:\Windows\System32\cmd.exe	ACME\hbrown	udp	10.10.3.111	51031	10.10.1.118	389
328	SLS-WS-011	2026-02-14T14:18:49.345Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.111	57497	52.130.72.99	53
329	SLS-WS-011	2026-02-13T20:19:19.157Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	udp	10.10.3.111	49508	10.10.1.148	80
330	SLS-WS-011	2026-02-13T15:14:27.175Z	3	C:\Windows\System32\spoolsv.exe	ACME\hbrown	udp	10.10.3.111	62395	10.10.3.150	3389
331	SLS-WS-011	2026-02-18T23:59:26.817Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	tcp	10.10.3.111	64360	10.10.3.144	80
332	SLS-WS-011	2026-02-14T18:51:02.107Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	udp	10.10.3.111	53548	105.180.165.217	443
333	SLS-WS-011	2026-02-19T20:56:44.839Z	3	C:\Windows\System32\cmd.exe	ACME\hbrown	udp	10.10.3.111	60893	106.150.78.12	445
334	SLS-WS-011	2026-02-13T10:51:27.717Z	3	C:\Windows\System32\SearchHost.exe	ACME\hbrown	udp	10.10.3.111	58032	194.233.178.134	445
335	SLS-WS-011	2026-02-14T13:58:16.370Z	3	C:\Windows\System32\csrss.exe	ACME\hbrown	tcp	10.10.3.111	63781	10.10.1.151	389
336	SLS-WS-011	2026-02-20T14:13:09.945Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	udp	10.10.3.111	65439	10.10.2.134	8080
337	SLS-WS-011	2026-02-19T20:45:22.702Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.111	62124	10.10.3.10	8080
338	SLS-WS-011	2026-02-11T05:42:46.030Z	3	C:\Windows\System32\spoolsv.exe	ACME\hbrown	udp	10.10.3.111	63203	154.85.178.213	53
339	SLS-WS-011	2026-02-16T21:33:21.290Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.3.111	53863	46.72.233.172	53
340	SLS-WS-011	2026-02-19T17:18:26.625Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	tcp	10.10.3.111	60282	198.136.221.124	8080
341	SLS-WS-011	2026-02-12T10:26:15.973Z	3	C:\Windows\System32\outlook.exe	ACME\hbrown	tcp	10.10.3.111	57810	10.10.1.121	80
342	SLS-WS-011	2026-02-13T10:56:32.540Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.3.111	54939	9.98.230.135	80
343	ENG-WS-012	2026-02-19T10:44:47.101Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.1.112	54883	149.12.197.127	3389
344	ENG-WS-012	2026-02-13T19:33:29.763Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.1.112	64805	165.158.237.107	8080
345	ENG-WS-012	2026-02-18T23:03:02.264Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.112	53778	78.4.1.133	80
346	ENG-WS-012	2026-02-15T18:42:42.473Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.1.112	61895	10.10.3.153	8080
347	ENG-WS-012	2026-02-12T16:45:39.575Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.1.112	50649	10.10.3.126	8080
348	ENG-WS-012	2026-02-11T05:33:28.685Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.112	63686	212.154.224.103	445
349	ENG-WS-012	2026-02-19T17:56:14.427Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	tcp	10.10.1.112	54550	10.10.3.111	445
350	ENG-WS-012	2026-02-16T17:33:42.466Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	tcp	10.10.1.112	60000	123.7.89.118	443
351	ENG-WS-012	2026-02-13T14:03:09.080Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.112	65489	10.10.2.146	8080
352	ENG-WS-012	2026-02-10T18:49:55.951Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.1.112	53502	10.10.3.171	8080
353	ENG-WS-012	2026-02-19T23:53:19.260Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.1.112	61993	144.234.16.50	443
354	ENG-WS-012	2026-02-11T09:49:45.396Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.112	60395	10.46.4.136	8080
355	ENG-WS-012	2026-02-19T15:16:31.757Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.112	55466	10.10.1.142	8080
356	ENG-WS-012	2026-02-19T09:14:22.891Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	udp	10.10.1.112	52622	205.147.43.154	8080
357	LEG-WS-013	2026-02-12T22:09:50.036Z	3	C:\Windows\System32\notepad.exe	ACME\gwhite	tcp	10.10.2.113	55632	100.14.184.127	389
358	LEG-WS-013	2026-02-12T07:24:28.150Z	3	C:\Windows\System32\lsass.exe	ACME\gwhite	udp	10.10.2.113	53281	181.176.100.136	3389
359	LEG-WS-013	2026-02-12T18:41:14.634Z	3	C:\Windows\System32\services.exe	ACME\gwhite	tcp	10.10.2.113	64320	10.10.1.172	389
360	LEG-WS-013	2026-02-19T13:39:52.424Z	3	C:\Program Files\msedge.exe	ACME\gwhite	udp	10.10.2.113	55781	10.10.2.161	445
361	LEG-WS-013	2026-02-17T22:39:42.183Z	3	C:\Program Files\chrome.exe	ACME\gwhite	udp	10.10.2.113	62523	215.185.196.137	445
362	LEG-WS-013	2026-02-18T03:12:27.489Z	3	C:\Program Files\msedge.exe	ACME\gwhite	tcp	10.10.2.113	53247	10.10.2.161	80
363	LEG-WS-013	2026-02-19T22:45:19.569Z	3	C:\Program Files\msedge.exe	ACME\gwhite	tcp	10.10.2.113	49309	10.10.1.118	443
364	LEG-WS-013	2026-02-16T22:58:20.493Z	3	C:\Program Files\msedge.exe	ACME\gwhite	tcp	10.10.2.113	56471	10.10.1.175	53
365	LEG-WS-013	2026-02-14T22:28:23.169Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	63449	45.229.125.245	3389
366	LEG-WS-013	2026-02-19T10:44:06.380Z	3	C:\Windows\System32\explorer.exe	ACME\gwhite	udp	10.10.2.113	54648	102.74.187.2	8080
367	LEG-WS-013	2026-02-18T12:46:56.933Z	3	C:\Program Files\msedge.exe	ACME\gwhite	tcp	10.10.2.113	55073	25.31.166.234	443
368	LEG-WS-013	2026-02-17T20:21:00.522Z	3	C:\Windows\System32\code.exe	ACME\gwhite	tcp	10.10.2.113	51837	10.10.3.144	8080
369	LEG-WS-013	2026-02-10T13:38:45.832Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	64362	123.109.61.18	443
370	LEG-WS-013	2026-02-16T18:35:29.192Z	3	C:\Windows\System32\SearchHost.exe	ACME\gwhite	tcp	10.10.2.113	53353	62.34.250.76	3389
371	LEG-WS-013	2026-02-13T16:03:14.220Z	3	C:\Windows\System32\powershell.exe	ACME\gwhite	udp	10.10.2.113	55220	72.8.171.138	443
372	LEG-WS-013	2026-02-20T12:26:25.878Z	3	C:\Windows\System32\SearchHost.exe	ACME\gwhite	udp	10.10.2.113	56458	10.10.3.120	389	cdn.jsdelivr.net
373	LEG-WS-013	2026-02-12T03:35:57.032Z	3	C:\Windows\System32\cmd.exe	ACME\gwhite	tcp	10.10.2.113	49456	34.197.216.53	443
374	LEG-WS-013	2026-02-11T01:49:53.135Z	3	C:\Windows\System32\spoolsv.exe	ACME\gwhite	tcp	10.10.2.113	64168	121.28.209.6	3389
375	LEG-WS-013	2026-02-12T10:27:37.671Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	57570	64.199.57.41	53
376	LEG-WS-013	2026-02-11T23:26:30.413Z	3	C:\Windows\System32\cmd.exe	ACME\gwhite	udp	10.10.2.113	63549	10.10.3.111	443
377	LEG-WS-013	2026-02-11T19:25:42.901Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	63912	198.195.233.183	8080
378	LEG-WS-013	2026-02-20T00:14:01.642Z	3	C:\Program Files\chrome.exe	ACME\gwhite	udp	10.10.2.113	58707	10.10.2.131	443
379	LEG-WS-013	2026-02-16T04:07:34.068Z	3	C:\Windows\System32\OneDrive.exe	ACME\gwhite	tcp	10.10.2.113	53529	10.10.3.174	8080
380	LEG-WS-013	2026-02-15T14:19:23.913Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\gwhite	tcp	10.10.2.113	61849	11.6.60.45	53
381	LEG-WS-013	2026-02-14T08:51:46.138Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	55800	207.31.126.224	53
382	LEG-WS-013	2026-02-11T00:08:41.049Z	3	C:\Program Files\chrome.exe	ACME\gwhite	tcp	10.10.2.113	65305	10.10.1.145	8080
383	MKT-WS-014	2026-02-15T22:51:33.253Z	3	C:\Windows\System32\winlogon.exe	ACME\fthompson	udp	10.10.3.114	65409	10.10.3.105	443
384	MKT-WS-014	2026-02-17T16:52:41.087Z	3	C:\Program Files\msedge.exe	ACME\fthompson	udp	10.10.3.114	55972	10.10.3.171	8080
385	MKT-WS-014	2026-02-11T11:09:49.501Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.3.114	55687	33.52.8.187	3389
386	MKT-WS-014	2026-02-17T09:58:06.331Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.3.114	59947	152.190.125.249	445
387	MKT-WS-014	2026-02-15T00:36:49.792Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	udp	10.10.3.114	60704	10.10.2.122	443
388	MKT-WS-014	2026-02-14T11:18:52.883Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.3.114	49693	194.3.191.63	53
389	MKT-WS-014	2026-02-19T16:42:42.403Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	udp	10.10.3.114	49259	6.170.55.1	80
390	MKT-WS-014	2026-02-11T19:50:45.135Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.3.114	62838	10.10.3.135	445
391	MKT-WS-014	2026-02-19T01:04:16.906Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.3.114	61250	10.10.3.132	8080
392	MKT-WS-014	2026-02-20T16:14:25.837Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	tcp	10.10.3.114	59812	10.10.1.133	389
393	MKT-WS-014	2026-02-20T15:53:09.817Z	3	C:\Windows\System32\services.exe	ACME\fthompson	tcp	10.10.3.114	58865	10.10.2.140	445
394	MKT-WS-014	2026-02-18T14:20:29.522Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	tcp	10.10.3.114	57608	97.108.56.202	3389
395	MKT-WS-014	2026-02-14T19:38:14.570Z	3	C:\Windows\System32\smss.exe	ACME\fthompson	tcp	10.10.3.114	60826	124.155.53.178	443
396	MKT-WS-014	2026-02-13T14:00:11.440Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.3.114	54135	129.5.82.221	53
397	MKT-WS-014	2026-02-16T07:28:26.409Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	tcp	10.10.3.114	64826	10.10.1.121	389
398	MKT-WS-014	2026-02-19T12:16:35.917Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	udp	10.10.3.114	50363	10.10.2.101	8080
399	MKT-WS-014	2026-02-15T02:49:54.002Z	3	C:\Windows\System32\SearchHost.exe	ACME\fthompson	tcp	10.10.3.114	63391	18.127.60.167	3389
400	MKT-WS-014	2026-02-19T11:52:37.815Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	tcp	10.10.3.114	58566	104.243.137.194	53
401	EXEC-WS-015	2026-02-18T20:09:20.514Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.115	63605	10.10.1.148	8080	cloudflare.com
402	EXEC-WS-015	2026-02-20T17:28:25.375Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	udp	10.10.1.115	60126	10.10.2.125	8080	akamai.net
403	EXEC-WS-015	2026-02-11T07:40:24.709Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	tcp	10.10.1.115	61505	223.111.37.235	8080
404	EXEC-WS-015	2026-02-20T15:19:53.494Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	udp	10.10.1.115	53343	78.53.184.101	445	github.com
405	EXEC-WS-015	2026-02-17T00:12:01.144Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	udp	10.10.1.115	58587	175.180.36.108	80
406	EXEC-WS-015	2026-02-15T13:39:21.959Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.1.115	64955	87.147.150.89	8080
407	EXEC-WS-015	2026-02-18T17:53:01.485Z	3	C:\Windows\System32\services.exe	ACME\agarcia	udp	10.10.1.115	64739	10.10.2.155	443
408	EXEC-WS-015	2026-02-15T11:49:28.830Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	udp	10.10.1.115	52708	10.10.2.10	8080
409	EXEC-WS-015	2026-02-12T15:53:50.989Z	3	C:\Windows\System32\powershell.exe	ACME\agarcia	udp	10.10.1.115	55280	53.255.180.149	8080
410	EXEC-WS-015	2026-02-14T07:48:33.597Z	3	C:\Windows\System32\System	ACME\agarcia	udp	10.10.1.115	60441	10.10.1.151	445
411	EXEC-WS-015	2026-02-15T17:47:17.471Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.1.115	53615	10.10.3.159	53
412	EXEC-WS-015	2026-02-18T02:27:35.403Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.1.115	55300	10.10.1.112	445
413	EXEC-WS-015	2026-02-14T20:19:44.836Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.1.115	58183	39.53.111.176	53
414	EXEC-WS-015	2026-02-17T06:43:41.591Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.1.115	65519	10.10.2.146	53	cloudflare.com
415	EXEC-WS-015	2026-02-18T04:03:27.277Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.1.115	63295	10.10.3.129	80
416	EXEC-WS-015	2026-02-15T11:55:41.224Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.1.115	57624	10.10.3.174	3389
417	EXEC-WS-015	2026-02-15T01:25:28.696Z	3	C:\Windows\System32\services.exe	ACME\agarcia	udp	10.10.1.115	51912	10.10.3.105	389
418	EXEC-WS-015	2026-02-19T04:23:27.298Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.1.115	61014	10.10.2.104	443
419	EXEC-WS-015	2026-02-12T07:37:11.120Z	3	C:\Windows\System32\powershell.exe	ACME\agarcia	tcp	10.10.1.115	59820	10.10.2.152	8080
420	EXEC-WS-015	2026-02-17T04:20:57.606Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.1.115	62326	131.220.142.87	389	draftkings.com
421	EXEC-WS-015	2026-02-14T23:45:15.612Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	tcp	10.10.1.115	49505	147.113.142.89	53
422	EXEC-WS-015	2026-02-20T08:32:31.892Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	tcp	10.10.1.115	53756	10.10.1.154	8080
423	EXEC-WS-015	2026-02-12T18:08:22.485Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.115	57639	34.12.176.189	80
424	EXEC-WS-015	2026-02-18T02:38:20.773Z	3	C:\Windows\System32\csrss.exe	ACME\agarcia	tcp	10.10.1.115	62592	105.75.82.114	443
425	EXEC-WS-015	2026-02-20T06:49:10.724Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.115	50676	10.10.3.123	445
426	EXEC-WS-015	2026-02-20T00:53:03.784Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.115	56227	65.37.212.222	443
427	EXEC-WS-015	2026-02-18T04:56:37.527Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.115	54667	10.10.1.115	3389
428	EXEC-WS-015	2026-02-12T00:00:39.091Z	3	C:\Windows\System32\services.exe	ACME\agarcia	tcp	10.10.1.115	64265	10.10.2.170	53
429	EXEC-WS-015	2026-02-16T00:30:18.738Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.115	56176	10.10.3.108	80
430	EXEC-WS-015	2026-02-16T01:28:30.524Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.1.115	60239	10.10.1.13	443
431	EXEC-WS-015	2026-02-13T22:13:27.887Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.1.115	53856	10.10.1.13	443
432	EXEC-WS-015	2026-02-11T19:45:23.059Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	tcp	10.10.1.115	57931	17.245.44.215	80
433	EXEC-WS-015	2026-02-12T12:45:41.914Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	udp	10.10.1.115	56738	146.245.234.92	53
434	EXEC-WS-015	2026-02-15T10:01:37.527Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.115	56016	10.10.3.105	389
435	EXEC-WS-015	2026-02-18T18:18:00.336Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.1.115	62175	10.10.2.113	3389
436	IT-WS-016	2026-02-12T21:33:24.756Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.2.116	54572	10.10.2.149	443
437	IT-WS-016	2026-02-10T16:17:39.286Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.2.116	55060	174.241.255.117	389
438	IT-WS-016	2026-02-12T13:03:51.347Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	tcp	10.10.2.116	50903	16.230.224.10	3389
439	IT-WS-016	2026-02-18T01:57:17.038Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.116	60439	109.118.198.171	8080
440	IT-WS-016	2026-02-17T23:27:53.499Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.116	62741	34.37.131.188	3389
441	IT-WS-016	2026-02-18T19:38:39.174Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.116	62760	10.10.1.13	3389
442	IT-WS-016	2026-02-19T02:07:29.039Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	tcp	10.10.2.116	55087	27.60.169.180	3389
443	IT-WS-016	2026-02-16T06:20:37.607Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.2.116	51440	162.85.51.171	443
444	IT-WS-016	2026-02-13T17:08:13.277Z	3	C:\Windows\System32\services.exe	ACME\admin	udp	10.10.2.116	56511	40.31.57.141	80
445	IT-WS-016	2026-02-19T12:16:52.792Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.2.116	52540	10.10.2.119	445
446	IT-WS-016	2026-02-19T00:28:36.698Z	3	C:\Windows\System32\System	ACME\admin	udp	10.10.2.116	49378	10.10.1.124	3389
447	IT-WS-016	2026-02-18T04:08:57.869Z	3	C:\Windows\System32\lsass.exe	ACME\admin	udp	10.10.2.116	49425	1.204.167.109	8080
448	IT-WS-016	2026-02-16T22:12:14.608Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.116	53415	94.80.49.116	443
449	IT-WS-016	2026-02-13T04:02:26.793Z	3	C:\Windows\System32\powershell.exe	ACME\admin	tcp	10.10.2.116	63573	10.10.3.114	443
450	IT-WS-016	2026-02-14T23:31:55.678Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.116	49325	10.10.2.11	80	npmjs.com
451	IT-WS-016	2026-02-16T10:27:31.707Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.116	55412	10.10.2.155	53
452	IT-WS-016	2026-02-17T07:46:37.397Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.2.116	60904	10.10.2.107	3389
453	IT-WS-016	2026-02-18T06:22:48.061Z	3	C:\Windows\System32\svchost.exe	ACME\admin	tcp	10.10.2.116	51092	10.10.1.124	443
454	IT-WS-016	2026-02-11T09:48:42.643Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.116	59540	10.10.2.131	3389
455	IT-WS-016	2026-02-13T14:50:52.051Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.2.116	64029	10.10.2.104	53
456	IT-WS-016	2026-02-14T14:21:51.140Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.2.116	59123	10.10.3.102	8080
457	IT-WS-016	2026-02-14T11:42:20.011Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.2.116	58051	149.102.5.181	443
458	IT-WS-016	2026-02-20T11:39:10.953Z	3	C:\Windows\System32\lsass.exe	ACME\admin	udp	10.10.2.116	60315	62.108.223.21	389
459	IT-WS-016	2026-02-16T01:29:54.817Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.116	57528	112.186.234.42	3389
460	IT-WS-016	2026-02-11T23:27:10.426Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.116	51050	219.237.194.48	8080
461	IT-WS-016	2026-02-19T11:40:08.583Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.116	58276	105.35.218.119	80
462	IT-WS-016	2026-02-11T21:50:25.376Z	3	C:\Windows\System32\cmd.exe	ACME\admin	tcp	10.10.2.116	63216	108.26.130.227	443
463	IT-WS-016	2026-02-18T12:10:10.103Z	3	C:\Windows\System32\outlook.exe	ACME\admin	tcp	10.10.2.116	56114	133.15.85.156	8080
464	IT-WS-016	2026-02-14T08:49:54.424Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.2.116	51364	10.10.3.132	389
465	IT-WS-016	2026-02-15T08:14:35.177Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.2.116	58881	114.198.234.7	443
466	HR-WS-017	2026-02-16T01:36:23.452Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.3.117	56119	173.163.0.88	8080
467	HR-WS-017	2026-02-13T23:36:45.907Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.117	55181	10.52.150.110	445	windowsupdate.com
468	HR-WS-017	2026-02-12T19:09:59.705Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.117	59169	214.86.151.185	443
469	HR-WS-017	2026-02-10T12:27:16.602Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.117	53420	10.10.3.132	445
470	HR-WS-017	2026-02-16T12:12:52.149Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.3.117	55246	10.10.1.157	8080
471	HR-WS-017	2026-02-12T23:43:52.441Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	udp	10.10.3.117	64333	206.26.42.247	53
472	HR-WS-017	2026-02-20T12:34:09.082Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.117	55733	214.196.105.63	53
473	HR-WS-017	2026-02-15T20:04:22.316Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.3.117	64479	8.233.56.107	80
474	HR-WS-017	2026-02-13T07:57:52.598Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	tcp	10.10.3.117	63177	113.202.34.56	389
475	HR-WS-017	2026-02-16T22:52:50.468Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.3.117	53527	62.132.161.88	53
476	HR-WS-017	2026-02-16T21:30:11.211Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.117	50257	10.10.3.10	80
477	HR-WS-017	2026-02-14T03:47:30.421Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.3.117	62601	38.85.101.248	3389
478	HR-WS-017	2026-02-13T22:20:37.832Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.3.117	60746	10.10.3.111	80	login.microsoftonline.com
479	HR-WS-017	2026-02-17T08:26:20.389Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.3.117	62783	83.186.189.142	445
480	HR-WS-017	2026-02-12T06:57:00.037Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.3.117	49732	109.247.245.169	80
481	HR-WS-017	2026-02-20T12:01:43.618Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	tcp	10.10.3.117	65340	10.10.2.104	389
482	HR-WS-017	2026-02-17T05:37:36.898Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.3.117	54686	10.10.1.11	8080
483	HR-WS-017	2026-02-14T20:00:39.239Z	3	C:\Windows\System32\smss.exe	ACME\idavis	tcp	10.10.3.117	62881	26.196.101.172	389	dc-01.acme.local
484	HR-WS-017	2026-02-15T05:56:21.462Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.117	49820	10.10.3.126	389
485	HR-WS-017	2026-02-10T10:28:23.559Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.3.117	59886	116.41.248.232	3389
486	HR-WS-017	2026-02-20T00:36:08.395Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.3.117	53887	10.10.3.108	443
487	HR-WS-017	2026-02-16T16:17:21.505Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.117	54857	10.10.3.126	3389
488	HR-WS-017	2026-02-13T18:45:43.944Z	3	C:\Windows\System32\teams.exe	ACME\idavis	tcp	10.10.3.117	57217	174.154.101.204	3389	github.com
489	HR-WS-017	2026-02-17T23:30:05.412Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.3.117	57516	10.10.1.163	8080
490	HR-WS-017	2026-02-16T15:16:13.534Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.3.117	53117	124.134.152.128	8080	www.bet365.com
491	FIN-WS-018	2026-02-15T19:54:53.644Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.118	55905	10.10.2.149	443
492	FIN-WS-018	2026-02-12T14:46:33.763Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	tcp	10.10.1.118	51438	10.10.3.159	3389	pokerstars.com
493	FIN-WS-018	2026-02-12T11:09:06.499Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	tcp	10.10.1.118	64907	12.101.101.190	3389
494	FIN-WS-018	2026-02-20T07:17:20.682Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.1.118	52347	108.11.160.16	8080
495	FIN-WS-018	2026-02-16T20:17:42.689Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.1.118	62668	10.10.2.146	8080
496	FIN-WS-018	2026-02-18T17:44:14.858Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.1.118	54683	217.123.6.63	445
497	FIN-WS-018	2026-02-16T23:09:21.999Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.1.118	50005	33.205.66.242	443
498	FIN-WS-018	2026-02-11T04:19:28.548Z	3	C:\Windows\System32\notepad.exe	ACME\admin	tcp	10.10.1.118	49272	10.10.1.163	8080
499	FIN-WS-018	2026-02-13T23:59:35.197Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.1.118	60892	10.10.3.174	3389
500	FIN-WS-018	2026-02-12T12:43:19.170Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.118	56433	190.181.46.195	443
501	FIN-WS-018	2026-02-12T13:00:16.235Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.1.118	55833	201.149.152.45	443
502	FIN-WS-018	2026-02-13T08:19:47.689Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.118	59993	63.117.19.227	445	login.microsoftonline.com
503	FIN-WS-018	2026-02-17T00:34:59.480Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.118	54715	10.10.3.144	80
504	FIN-WS-018	2026-02-14T01:17:54.910Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.1.118	51898	10.10.3.123	389
505	FIN-WS-018	2026-02-13T02:25:07.824Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.1.118	58375	112.82.114.209	53
506	FIN-WS-018	2026-02-11T17:01:21.558Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.118	62706	10.10.2.146	443	www.bet365.com
507	FIN-WS-018	2026-02-13T17:19:35.828Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.1.118	57153	126.195.117.239	389
508	FIN-WS-018	2026-02-13T04:33:58.560Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.1.118	56721	125.132.45.60	445
509	FIN-WS-018	2026-02-11T01:28:57.396Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.1.118	50102	158.158.32.204	80
510	FIN-WS-018	2026-02-12T20:14:23.322Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.1.118	64289	10.10.1.12	80
511	FIN-WS-018	2026-02-14T14:53:51.509Z	3	C:\Windows\System32\smss.exe	ACME\admin	tcp	10.10.1.118	49417	10.10.1.169	443
512	FIN-WS-018	2026-02-18T22:07:53.519Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.118	62394	86.76.35.39	53
513	FIN-WS-018	2026-02-16T05:51:25.883Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.118	57726	10.10.1.148	389
514	FIN-WS-018	2026-02-10T11:43:51.404Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.118	50491	10.10.2.116	3389
515	FIN-WS-018	2026-02-16T18:25:20.502Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.118	53582	10.10.1.130	3389
516	FIN-WS-018	2026-02-13T21:37:34.705Z	3	C:\Windows\System32\lsass.exe	ACME\admin	udp	10.10.1.118	55837	148.23.217.142	3389
517	FIN-WS-018	2026-02-18T08:39:12.961Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.1.118	60082	10.10.2.137	53
518	FIN-WS-018	2026-02-17T04:48:52.115Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.1.118	64873	10.10.1.130	443
519	FIN-WS-018	2026-02-15T04:47:45.700Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	udp	10.10.1.118	57849	141.151.233.238	53
520	FIN-WS-018	2026-02-17T16:35:33.616Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.118	58676	10.10.3.108	445
521	FIN-WS-018	2026-02-17T10:54:09.745Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.1.118	50131	109.250.157.2	443
522	FIN-WS-018	2026-02-11T10:54:16.901Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.118	58860	164.27.11.186	389	pokerstars.com
523	FIN-WS-018	2026-02-16T04:47:23.074Z	3	C:\Windows\System32\outlook.exe	ACME\admin	tcp	10.10.1.118	51182	10.10.2.146	8080
524	FIN-WS-018	2026-02-14T08:50:59.221Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.118	57741	10.10.1.13	80
525	FIN-WS-018	2026-02-14T18:07:24.140Z	3	C:\Windows\System32\teams.exe	ACME\admin	tcp	10.10.1.118	57332	71.89.73.154	8080
526	FIN-WS-018	2026-02-18T21:47:52.680Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.118	62647	10.10.1.121	445
527	FIN-WS-018	2026-02-17T19:51:18.433Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.118	61304	10.10.1.142	389
528	FIN-WS-018	2026-02-18T21:55:35.331Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.118	60099	10.10.1.172	389
529	SLS-WS-019	2026-02-15T20:32:25.214Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.119	49744	198.246.67.73	445
530	SLS-WS-019	2026-02-17T17:08:09.891Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	udp	10.10.2.119	56088	162.233.133.244	443
531	SLS-WS-019	2026-02-20T06:58:17.215Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.119	62224	10.10.1.109	53	time.windows.com
532	SLS-WS-019	2026-02-20T05:21:26.794Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.2.119	64933	35.23.90.243	53
533	SLS-WS-019	2026-02-17T00:11:50.264Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.2.119	58317	83.209.92.190	53
534	SLS-WS-019	2026-02-17T05:05:23.764Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.119	57985	10.10.2.110	443	exch-01.acme.local
535	SLS-WS-019	2026-02-12T22:45:29.950Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	udp	10.10.2.119	56288	38.175.130.246	389
536	SLS-WS-019	2026-02-20T12:28:05.000Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.2.119	51419	16.28.195.243	80
537	SLS-WS-019	2026-02-17T19:30:31.739Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	tcp	10.10.2.119	58414	199.38.184.152	389
538	SLS-WS-019	2026-02-10T10:42:16.616Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	udp	10.10.2.119	51587	10.10.3.108	53
539	SLS-WS-019	2026-02-15T11:10:19.051Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	tcp	10.10.2.119	56837	102.149.73.60	8080
540	SLS-WS-019	2026-02-20T05:55:22.509Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.2.119	54130	10.10.1.109	8080
541	SLS-WS-019	2026-02-12T00:39:04.423Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.119	62043	10.10.3.105	80
542	SLS-WS-019	2026-02-16T04:45:27.987Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.119	49681	41.241.61.124	443
543	SLS-WS-019	2026-02-11T13:16:59.827Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	udp	10.10.2.119	53172	165.138.100.24	445
544	SLS-WS-019	2026-02-14T04:01:59.287Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.119	63004	107.93.176.229	389
545	SLS-WS-019	2026-02-18T05:50:38.090Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	udp	10.10.2.119	61838	10.10.1.103	80
546	ENG-WS-020	2026-02-18T21:01:38.707Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.3.120	51352	10.10.2.11	389
547	ENG-WS-020	2026-02-13T23:41:06.340Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	udp	10.10.3.120	55414	20.37.103.235	80
548	ENG-WS-020	2026-02-17T20:10:57.011Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.120	59638	10.10.2.107	53
549	ENG-WS-020	2026-02-16T15:46:14.591Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.120	49745	10.10.1.175	443	acme.sharepoint.com
550	ENG-WS-020	2026-02-17T19:01:11.573Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	tcp	10.10.3.120	64317	10.10.2.110	445
551	ENG-WS-020	2026-02-18T05:54:44.597Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.120	64919	110.131.144.217	445
552	ENG-WS-020	2026-02-16T10:28:04.028Z	3	C:\Windows\System32\OneDrive.exe	ACME\bwilson	tcp	10.10.3.120	61990	10.10.3.102	80	dc-02.acme.local
553	ENG-WS-020	2026-02-10T17:34:24.319Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.3.120	52654	10.10.1.163	445
554	ENG-WS-020	2026-02-13T14:59:51.467Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	tcp	10.10.3.120	57193	75.38.124.253	8080
555	ENG-WS-020	2026-02-15T21:50:16.489Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	tcp	10.10.3.120	61713	38.200.116.118	8080
556	ENG-WS-020	2026-02-19T20:20:42.292Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.3.120	62149	159.22.144.218	443
557	ENG-WS-020	2026-02-12T23:48:33.774Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	udp	10.10.3.120	63209	153.180.14.119	389
558	ENG-WS-020	2026-02-16T03:05:28.921Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.120	51016	169.222.30.124	389
559	ENG-WS-020	2026-02-11T13:15:05.012Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.3.120	60588	160.55.59.72	80
560	ENG-WS-020	2026-02-17T07:55:31.974Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.120	61961	131.143.236.160	389	stackoverflow.com
561	ENG-WS-020	2026-02-15T17:57:22.515Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	tcp	10.10.3.120	53989	29.7.218.10	3389
562	ENG-WS-020	2026-02-15T02:35:04.141Z	3	C:\Windows\System32\System	ACME\bwilson	udp	10.10.3.120	65431	162.84.93.62	443
563	ENG-WS-020	2026-02-11T21:54:32.866Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.3.120	62306	10.10.1.109	53
564	ENG-WS-020	2026-02-16T00:41:33.018Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.120	53176	10.10.1.163	443
565	ENG-WS-020	2026-02-10T08:22:41.327Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.3.120	61991	161.130.107.155	3389
566	ENG-WS-020	2026-02-14T00:26:44.840Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.3.120	57094	10.10.2.173	445
567	ENG-WS-020	2026-02-19T21:29:24.601Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.120	49230	10.10.1.109	443
568	ENG-WS-020	2026-02-11T06:04:40.493Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.120	51449	185.152.28.66	53
569	ENG-WS-020	2026-02-17T11:52:35.388Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.3.120	58763	10.10.2.125	8080
570	ENG-WS-020	2026-02-20T04:37:17.782Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	udp	10.10.3.120	56313	10.10.1.109	8080
571	ENG-WS-020	2026-02-17T09:49:10.674Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	tcp	10.10.3.120	61748	10.10.2.146	389
572	ENG-WS-020	2026-02-18T06:07:02.518Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	tcp	10.10.3.120	63162	10.10.2.134	80
573	ENG-WS-020	2026-02-16T17:35:43.067Z	3	C:\Windows\System32\OneDrive.exe	ACME\bwilson	tcp	10.10.3.120	59400	48.167.10.67	3389
574	ENG-WS-020	2026-02-18T19:53:05.678Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	udp	10.10.3.120	61015	10.10.1.124	445
575	ENG-WS-020	2026-02-16T21:34:57.614Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.120	54263	10.10.1.10	389
576	ENG-WS-020	2026-02-11T09:45:26.024Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.3.120	63413	86.72.113.224	443
577	ENG-WS-020	2026-02-17T15:51:44.655Z	3	C:\Windows\System32\System	ACME\bwilson	tcp	10.10.3.120	60168	203.177.69.26	389	acme.sharepoint.com
578	ENG-WS-020	2026-02-18T15:35:22.307Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	tcp	10.10.3.120	57655	10.10.1.139	389
579	ENG-WS-020	2026-02-15T14:04:42.594Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.3.120	59830	10.10.3.144	445
580	ENG-WS-020	2026-02-10T09:52:17.048Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.120	60782	10.10.1.13	80
581	ENG-WS-020	2026-02-13T02:27:43.322Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	tcp	10.10.3.120	59535	101.80.191.203	443
582	LEG-WS-021	2026-02-15T05:48:38.876Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.1.121	63418	82.208.62.120	3389
583	LEG-WS-021	2026-02-19T16:38:07.693Z	3	C:\Windows\System32\System	ACME\idavis	tcp	10.10.1.121	52304	211.104.242.50	53
584	LEG-WS-021	2026-02-11T14:43:47.137Z	3	C:\Windows\System32\teams.exe	ACME\idavis	udp	10.10.1.121	58163	121.247.102.120	389
585	LEG-WS-021	2026-02-15T23:40:15.072Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.1.121	58635	219.8.182.39	80
586	LEG-WS-021	2026-02-15T15:37:38.187Z	3	C:\Windows\System32\explorer.exe	ACME\idavis	udp	10.10.1.121	64340	10.10.1.142	443
587	LEG-WS-021	2026-02-15T01:10:57.742Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.1.121	60495	6.91.80.222	53	draftkings.com
588	LEG-WS-021	2026-02-18T16:35:33.090Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.1.121	62833	164.119.102.176	53
589	LEG-WS-021	2026-02-20T01:41:52.442Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.121	55639	10.10.3.108	445	google.com
590	LEG-WS-021	2026-02-18T19:20:14.380Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.1.121	62282	91.163.36.6	53
591	LEG-WS-021	2026-02-18T13:37:24.232Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	51349	27.105.88.248	53
592	LEG-WS-021	2026-02-15T08:35:15.734Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.1.121	59431	10.10.3.111	80
593	LEG-WS-021	2026-02-11T19:06:11.958Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	tcp	10.10.1.121	51641	120.16.5.221	445
594	LEG-WS-021	2026-02-20T12:29:08.512Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	tcp	10.10.1.121	55679	157.39.238.176	8080
595	LEG-WS-021	2026-02-15T09:12:03.892Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	49775	10.10.2.140	445
596	LEG-WS-021	2026-02-15T06:08:37.261Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.1.121	51465	92.252.194.230	3389	www.bet365.com
597	LEG-WS-021	2026-02-18T13:39:07.089Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.1.121	63302	10.10.3.111	443
598	LEG-WS-021	2026-02-11T04:35:34.367Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	udp	10.10.1.121	49627	10.10.1.151	443
599	LEG-WS-021	2026-02-11T14:27:40.327Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.121	53702	139.144.243.134	3389
600	LEG-WS-021	2026-02-17T10:55:07.671Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.1.121	60699	62.124.59.220	53
601	LEG-WS-021	2026-02-18T15:41:49.458Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.1.121	60108	10.10.3.108	389
602	LEG-WS-021	2026-02-19T02:12:36.224Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.121	55381	102.30.229.41	3389
603	LEG-WS-021	2026-02-18T15:30:26.548Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.1.121	59677	57.11.75.13	443
604	LEG-WS-021	2026-02-12T22:33:59.223Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.1.121	59532	73.172.82.143	8080
605	LEG-WS-021	2026-02-11T05:27:17.916Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	tcp	10.10.1.121	56027	10.10.2.149	389
606	LEG-WS-021	2026-02-17T07:59:31.909Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	59607	135.211.88.2	80
607	LEG-WS-021	2026-02-18T11:43:21.373Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	58679	145.200.88.156	3389
608	LEG-WS-021	2026-02-13T20:26:32.224Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.121	51519	10.10.2.128	53
609	LEG-WS-021	2026-02-16T06:25:10.736Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	tcp	10.10.1.121	60841	10.10.1.115	8080
610	LEG-WS-021	2026-02-12T22:43:14.961Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	50760	146.155.58.170	445
611	LEG-WS-021	2026-02-10T22:00:58.504Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.1.121	63161	10.10.2.119	445	akamai.net
612	LEG-WS-021	2026-02-13T03:21:17.284Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.121	49590	10.10.3.102	445	outlook.office365.com
613	LEG-WS-021	2026-02-19T17:05:42.117Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	udp	10.10.1.121	59538	10.10.1.148	443
614	LEG-WS-021	2026-02-17T23:33:15.740Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.121	60796	10.10.1.121	80
615	MKT-WS-022	2026-02-16T19:41:09.745Z	3	C:\Windows\System32\csrss.exe	ACME\dlee	udp	10.10.2.122	65245	136.49.162.204	53
616	MKT-WS-022	2026-02-15T12:18:07.693Z	3	C:\Windows\System32\MsMpEng.exe	ACME\dlee	udp	10.10.2.122	53904	171.60.157.35	443
617	MKT-WS-022	2026-02-10T11:02:31.010Z	3	C:\Windows\System32\svchost.exe	ACME\dlee	tcp	10.10.2.122	59047	10.10.2.128	53
618	MKT-WS-022	2026-02-18T05:38:34.826Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.2.122	50260	46.125.67.195	53
619	MKT-WS-022	2026-02-12T08:03:04.584Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	udp	10.10.2.122	51471	10.10.1.166	3389
620	MKT-WS-022	2026-02-17T02:17:16.382Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	tcp	10.10.2.122	55977	111.5.13.63	443
621	MKT-WS-022	2026-02-17T14:24:35.575Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.2.122	50879	10.10.3.105	3389
622	MKT-WS-022	2026-02-20T01:19:08.701Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.2.122	60912	19.184.211.126	389
623	MKT-WS-022	2026-02-12T07:13:47.093Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.2.122	63499	7.49.192.221	8080
624	MKT-WS-022	2026-02-17T23:00:34.704Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.2.122	65309	71.80.203.55	53
625	MKT-WS-022	2026-02-16T16:15:25.852Z	3	C:\Windows\System32\taskhostw.exe	ACME\dlee	tcp	10.10.2.122	51346	215.205.115.240	443
626	MKT-WS-022	2026-02-11T04:01:50.502Z	3	C:\Windows\System32\spoolsv.exe	ACME\dlee	tcp	10.10.2.122	65125	2.34.43.120	445
627	MKT-WS-022	2026-02-20T06:38:21.614Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.2.122	62152	10.10.2.164	445
628	MKT-WS-022	2026-02-13T13:38:57.517Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.2.122	61525	10.10.2.137	53
629	MKT-WS-022	2026-02-13T09:14:54.284Z	3	C:\Windows\System32\code.exe	ACME\dlee	tcp	10.10.2.122	56218	217.246.171.248	443
630	MKT-WS-022	2026-02-13T23:56:25.384Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.2.122	58152	10.10.1.124	53
631	MKT-WS-022	2026-02-11T11:01:30.504Z	3	C:\Windows\System32\code.exe	ACME\dlee	udp	10.10.2.122	51898	10.10.3.105	443
632	MKT-WS-022	2026-02-20T11:02:21.138Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	udp	10.10.2.122	60811	111.190.73.128	445
633	MKT-WS-022	2026-02-12T19:27:32.473Z	3	C:\Windows\System32\cmd.exe	ACME\dlee	tcp	10.10.2.122	62989	204.108.34.163	53	pokerstars.com
634	MKT-WS-022	2026-02-14T13:20:46.728Z	3	C:\Windows\System32\smss.exe	ACME\dlee	tcp	10.10.2.122	55544	66.230.94.147	445	aws.amazon.com
635	MKT-WS-022	2026-02-17T09:47:19.619Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	tcp	10.10.2.122	53921	154.178.62.18	443
636	MKT-WS-022	2026-02-17T14:30:42.740Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	tcp	10.10.2.122	64682	10.10.3.120	3389
637	MKT-WS-022	2026-02-20T12:16:33.621Z	3	C:\Windows\System32\teams.exe	ACME\dlee	tcp	10.10.2.122	54765	41.122.61.144	389
638	MKT-WS-022	2026-02-19T05:32:53.762Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	tcp	10.10.2.122	57924	10.10.2.104	8080
639	MKT-WS-022	2026-02-15T18:07:54.263Z	3	C:\Windows\System32\notepad.exe	ACME\dlee	tcp	10.10.2.122	64375	10.10.1.157	443
640	MKT-WS-022	2026-02-13T08:39:40.899Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.2.122	61939	10.10.3.162	389
641	MKT-WS-022	2026-02-19T00:05:14.924Z	3	C:\Windows\System32\smss.exe	ACME\dlee	tcp	10.10.2.122	63914	10.10.2.146	3389
642	MKT-WS-022	2026-02-14T10:04:55.001Z	3	C:\Windows\System32\teams.exe	ACME\dlee	tcp	10.10.2.122	53673	169.25.27.58	389	graph.microsoft.com
643	MKT-WS-022	2026-02-16T00:02:12.558Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.2.122	56694	10.10.3.138	445
644	MKT-WS-022	2026-02-11T16:06:02.962Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.2.122	57080	96.69.60.186	389
645	EXEC-WS-023	2026-02-15T16:36:46.721Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.3.123	50849	10.10.3.117	8080
646	EXEC-WS-023	2026-02-11T00:34:30.089Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.3.123	61758	10.10.1.163	8080	dc-01.acme.local
647	EXEC-WS-023	2026-02-13T21:18:35.668Z	3	C:\Windows\System32\System	ACME\admin	udp	10.10.3.123	62391	10.10.1.118	53
648	EXEC-WS-023	2026-02-14T16:13:07.519Z	3	C:\Windows\System32\powershell.exe	ACME\admin	tcp	10.10.3.123	65321	129.216.149.81	445
649	EXEC-WS-023	2026-02-19T01:29:26.748Z	3	C:\Windows\System32\csrss.exe	ACME\admin	tcp	10.10.3.123	64427	10.10.3.123	8080
650	EXEC-WS-023	2026-02-16T02:11:55.724Z	3	C:\Windows\System32\code.exe	ACME\admin	udp	10.10.3.123	49934	47.45.40.39	8080
651	EXEC-WS-023	2026-02-19T21:39:34.141Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.3.123	49194	10.10.1.10	53
652	EXEC-WS-023	2026-02-12T04:08:40.514Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.3.123	55141	10.10.2.131	443
653	EXEC-WS-023	2026-02-11T17:55:46.493Z	3	C:\Windows\System32\teams.exe	ACME\admin	tcp	10.10.3.123	56023	10.10.1.103	445
654	EXEC-WS-023	2026-02-11T08:37:58.819Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.3.123	49493	46.167.206.31	3389
655	EXEC-WS-023	2026-02-13T22:44:26.908Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.3.123	64476	129.239.132.40	80
656	EXEC-WS-023	2026-02-16T21:39:23.643Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.3.123	55183	10.10.1.148	80	graph.microsoft.com
657	EXEC-WS-023	2026-02-20T01:34:01.292Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.3.123	58447	10.10.1.12	8080
658	IT-WS-024	2026-02-12T19:58:11.314Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.1.124	61396	184.99.118.163	389
659	IT-WS-024	2026-02-13T08:06:08.112Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.1.124	62033	10.10.3.108	3389
660	IT-WS-024	2026-02-11T09:28:53.541Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	udp	10.10.1.124	50835	10.10.1.142	8080
661	IT-WS-024	2026-02-13T08:34:24.157Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	udp	10.10.1.124	53644	166.165.59.219	53
662	IT-WS-024	2026-02-15T07:12:56.127Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.1.124	63332	10.10.3.132	389
663	IT-WS-024	2026-02-18T01:17:17.711Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	udp	10.10.1.124	53990	10.10.2.167	445
664	IT-WS-024	2026-02-13T10:14:54.949Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.1.124	58488	40.12.71.128	8080
665	IT-WS-024	2026-02-14T20:00:38.842Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.1.124	63898	14.254.51.245	3389
666	IT-WS-024	2026-02-17T02:09:51.972Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	tcp	10.10.1.124	52785	94.82.58.100	3389
667	IT-WS-024	2026-02-11T17:24:10.370Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.1.124	53646	10.10.1.172	80
668	HR-WS-025	2026-02-18T03:38:41.058Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.2.125	57422	80.216.125.49	443
669	HR-WS-025	2026-02-19T13:45:26.108Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.2.125	59954	152.23.51.120	443
670	HR-WS-025	2026-02-17T23:38:59.921Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.2.125	57660	10.10.1.130	3389
671	HR-WS-025	2026-02-17T18:15:43.798Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.2.125	60451	10.10.2.173	53
672	HR-WS-025	2026-02-12T06:40:47.160Z	3	C:\Windows\System32\teams.exe	ACME\idavis	udp	10.10.2.125	58155	20.20.85.102	80
673	HR-WS-025	2026-02-12T21:43:47.168Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.2.125	62924	10.10.2.104	80	pypi.org
674	HR-WS-025	2026-02-15T17:01:12.752Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.2.125	57991	10.10.2.161	53
675	HR-WS-025	2026-02-12T21:42:54.616Z	3	C:\Windows\System32\services.exe	ACME\idavis	udp	10.10.2.125	59611	177.77.160.204	53
676	HR-WS-025	2026-02-14T17:28:53.193Z	3	C:\Windows\System32\explorer.exe	ACME\idavis	udp	10.10.2.125	61049	10.10.3.102	443	www.bet365.com
677	HR-WS-025	2026-02-17T11:36:39.570Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.2.125	57808	171.191.173.145	443
678	HR-WS-025	2026-02-18T21:22:13.513Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.2.125	64573	10.10.2.131	80
679	HR-WS-025	2026-02-14T01:04:28.046Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	tcp	10.10.2.125	61694	10.10.1.148	3389
680	HR-WS-025	2026-02-12T18:46:55.006Z	3	C:\Windows\System32\code.exe	ACME\idavis	udp	10.10.2.125	61976	160.134.194.142	445
681	HR-WS-025	2026-02-15T02:38:04.794Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.2.125	60232	97.111.143.135	80
682	HR-WS-025	2026-02-12T04:53:52.069Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.2.125	50851	124.156.60.221	3389
683	HR-WS-025	2026-02-13T03:56:12.516Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.2.125	61981	10.10.2.143	80
684	HR-WS-025	2026-02-16T00:55:42.036Z	3	C:\Windows\System32\services.exe	ACME\idavis	udp	10.10.2.125	56183	10.10.3.108	53
685	HR-WS-025	2026-02-19T16:03:49.122Z	3	C:\Windows\System32\svchost.exe	ACME\idavis	tcp	10.10.2.125	50190	103.50.249.117	445
686	HR-WS-025	2026-02-17T16:36:52.067Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.125	49544	10.10.2.158	443
687	HR-WS-025	2026-02-17T09:44:08.943Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	tcp	10.10.2.125	59610	42.132.1.26	389
688	HR-WS-025	2026-02-13T00:58:37.832Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.2.125	65159	83.157.107.241	53	login.microsoftonline.com
689	HR-WS-025	2026-02-15T00:08:05.965Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.2.125	58480	159.147.3.253	80
690	HR-WS-025	2026-02-17T14:28:34.502Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.2.125	57814	10.10.2.107	80
691	HR-WS-025	2026-02-12T06:32:08.074Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.125	55903	10.10.1.145	443
692	HR-WS-025	2026-02-15T09:33:35.779Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.2.125	53641	10.10.2.116	389
693	HR-WS-025	2026-02-16T02:56:18.350Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.2.125	58562	10.10.2.143	53
694	HR-WS-025	2026-02-13T14:47:21.460Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.2.125	53763	184.126.112.89	443
695	HR-WS-025	2026-02-20T10:37:24.149Z	3	C:\Windows\System32\teams.exe	ACME\idavis	tcp	10.10.2.125	65333	10.10.1.151	80
696	HR-WS-025	2026-02-17T15:41:10.708Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.2.125	64131	189.36.117.120	8080
697	HR-WS-025	2026-02-20T16:58:53.198Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.125	56487	10.10.3.159	389
698	HR-WS-025	2026-02-18T18:31:23.891Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.2.125	50129	10.10.2.10	443	file-01.acme.local
699	HR-WS-025	2026-02-18T23:45:20.363Z	3	C:\Windows\System32\teams.exe	ACME\idavis	udp	10.10.2.125	62829	32.31.154.139	389
700	HR-WS-025	2026-02-12T09:43:34.704Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.2.125	53597	10.10.2.128	443
701	FIN-WS-026	2026-02-19T19:21:57.321Z	3	C:\Windows\System32\cmd.exe	ACME\svc_backup	tcp	10.10.3.126	64383	156.100.249.192	445
702	FIN-WS-026	2026-02-14T14:56:35.805Z	3	C:\Windows\System32\System	ACME\svc_backup	tcp	10.10.3.126	57911	86.53.3.64	80
703	FIN-WS-026	2026-02-15T20:04:23.275Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	tcp	10.10.3.126	63463	179.239.204.34	389	acme.local
704	FIN-WS-026	2026-02-11T01:28:57.837Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	tcp	10.10.3.126	54709	129.40.55.78	80
705	FIN-WS-026	2026-02-11T01:17:32.164Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.3.126	62901	65.147.32.136	3389
706	FIN-WS-026	2026-02-20T03:45:19.660Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_backup	udp	10.10.3.126	61795	10.10.1.12	389
707	FIN-WS-026	2026-02-12T15:43:43.929Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.3.126	56433	10.10.2.110	8080	googleapis.com
708	FIN-WS-026	2026-02-14T03:45:27.422Z	3	C:\Windows\System32\powershell.exe	ACME\svc_backup	udp	10.10.3.126	57088	155.68.79.200	53
709	FIN-WS-026	2026-02-11T10:02:19.865Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.3.126	52249	10.10.3.135	445
710	FIN-WS-026	2026-02-17T15:22:34.981Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	udp	10.10.3.126	49484	10.10.2.170	443
711	FIN-WS-026	2026-02-18T21:48:56.744Z	3	C:\Windows\System32\dwm.exe	ACME\svc_backup	udp	10.10.3.126	49453	10.10.2.122	445
712	FIN-WS-026	2026-02-15T10:59:45.770Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.3.126	65511	191.195.232.109	3389
713	FIN-WS-026	2026-02-13T17:07:15.790Z	3	C:\Windows\System32\powershell.exe	ACME\svc_backup	udp	10.10.3.126	63419	10.10.1.13	53
714	FIN-WS-026	2026-02-16T18:13:40.444Z	3	C:\Windows\System32\cmd.exe	ACME\svc_backup	tcp	10.10.3.126	55129	10.10.2.110	53
715	FIN-WS-026	2026-02-18T11:31:57.433Z	3	C:\Windows\System32\powershell.exe	ACME\svc_backup	tcp	10.10.3.126	61806	13.84.70.246	53
716	FIN-WS-026	2026-02-14T06:42:57.392Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	udp	10.10.3.126	50891	99.217.102.6	3389
717	FIN-WS-026	2026-02-13T13:49:27.235Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	udp	10.10.3.126	51334	10.10.3.153	53
718	FIN-WS-026	2026-02-20T14:15:47.844Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.3.126	58255	170.77.118.252	389
719	SLS-WS-027	2026-02-13T13:31:26.019Z	3	C:\Windows\System32\cmd.exe	ACME\hbrown	tcp	10.10.1.127	53792	10.10.1.106	8080
720	SLS-WS-027	2026-02-10T10:32:13.954Z	3	C:\Windows\System32\code.exe	ACME\hbrown	tcp	10.10.1.127	59931	183.249.140.69	445
721	SLS-WS-027	2026-02-20T02:38:48.409Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.1.127	57587	148.247.242.153	389
722	SLS-WS-027	2026-02-18T23:35:30.652Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	tcp	10.10.1.127	63322	10.10.2.152	389
723	SLS-WS-027	2026-02-20T09:53:38.738Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.1.127	60976	10.10.3.141	445
724	SLS-WS-027	2026-02-10T16:19:59.048Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.1.127	58514	10.10.3.117	389	cdn.jsdelivr.net
725	SLS-WS-027	2026-02-13T12:41:25.596Z	3	C:\Windows\System32\taskhostw.exe	ACME\hbrown	udp	10.10.1.127	60941	10.10.2.110	80
726	SLS-WS-027	2026-02-15T15:45:11.512Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.1.127	51020	10.10.2.173	443
727	SLS-WS-027	2026-02-19T04:54:45.265Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.1.127	63629	10.10.2.167	389
728	SLS-WS-027	2026-02-17T05:44:56.963Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.1.127	61376	99.34.245.135	3389	time.windows.com
729	SLS-WS-027	2026-02-12T04:26:03.545Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.127	55189	202.188.184.116	443
730	SLS-WS-027	2026-02-11T19:58:43.279Z	3	C:\Windows\System32\SearchHost.exe	ACME\hbrown	tcp	10.10.1.127	54627	10.10.2.146	80
731	SLS-WS-027	2026-02-13T13:43:03.479Z	3	C:\Windows\System32\services.exe	ACME\hbrown	tcp	10.10.1.127	50384	148.40.69.70	3389
732	SLS-WS-027	2026-02-14T21:36:33.967Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	udp	10.10.1.127	64866	133.138.169.104	443	time.windows.com
733	SLS-WS-027	2026-02-13T03:09:53.822Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	udp	10.10.1.127	56810	54.148.149.123	443
734	SLS-WS-027	2026-02-10T17:55:17.409Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.1.127	54274	10.10.3.132	445
735	SLS-WS-027	2026-02-18T15:34:45.711Z	3	C:\Program Files\chrome.exe	ACME\hbrown	tcp	10.10.1.127	57682	10.10.2.137	80
736	SLS-WS-027	2026-02-20T11:45:28.909Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.1.127	51145	10.10.2.155	443	github.com
737	ENG-WS-028	2026-02-14T03:14:10.850Z	3	C:\Windows\System32\services.exe	ACME\emartinez	udp	10.10.2.128	62528	144.71.44.148	8080
738	ENG-WS-028	2026-02-19T21:57:04.625Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.2.128	51170	10.10.1.145	443
739	ENG-WS-028	2026-02-12T08:58:50.550Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.2.128	55084	10.10.1.10	80
740	ENG-WS-028	2026-02-17T17:08:46.774Z	3	C:\Windows\System32\OneDrive.exe	ACME\emartinez	udp	10.10.2.128	53739	10.10.2.101	80
741	ENG-WS-028	2026-02-15T03:57:12.851Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.2.128	63758	10.10.3.132	8080
742	ENG-WS-028	2026-02-17T15:48:33.339Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.2.128	56490	11.199.11.240	443
743	ENG-WS-028	2026-02-12T09:42:15.693Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.2.128	57653	41.127.181.182	53
744	ENG-WS-028	2026-02-15T06:53:35.084Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.2.128	52423	10.10.1.118	8080
745	ENG-WS-028	2026-02-19T21:55:22.796Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.2.128	56586	10.10.3.141	389
746	ENG-WS-028	2026-02-16T13:19:16.260Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.2.128	50928	72.134.111.147	8080
747	ENG-WS-028	2026-02-16T21:29:53.297Z	3	C:\Windows\System32\code.exe	ACME\emartinez	udp	10.10.2.128	51437	10.10.2.113	3389
748	ENG-WS-028	2026-02-17T12:49:42.334Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.2.128	61016	212.39.211.194	3389
749	ENG-WS-028	2026-02-16T03:36:21.302Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.2.128	56937	94.102.79.16	53
750	ENG-WS-028	2026-02-20T06:31:40.270Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.2.128	49629	10.10.3.111	80
751	ENG-WS-028	2026-02-14T23:43:03.660Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.2.128	56088	10.10.2.11	8080
752	ENG-WS-028	2026-02-12T10:17:16.151Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.2.128	49507	10.10.2.122	80
753	ENG-WS-028	2026-02-14T23:31:00.649Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.2.128	54682	10.10.3.141	3389
754	ENG-WS-028	2026-02-19T16:20:27.051Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.2.128	54217	79.72.91.216	53
755	ENG-WS-028	2026-02-15T09:05:18.494Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.2.128	63535	41.192.202.203	443
756	ENG-WS-028	2026-02-16T03:13:20.703Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.2.128	49784	48.57.122.112	443
757	ENG-WS-028	2026-02-11T13:17:46.816Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.2.128	58165	103.117.37.106	8080	akamai.net
758	ENG-WS-028	2026-02-14T16:25:49.345Z	3	C:\Windows\System32\svchost.exe	ACME\emartinez	udp	10.10.2.128	52892	10.10.2.113	443
759	ENG-WS-028	2026-02-15T04:25:25.982Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	tcp	10.10.2.128	58055	10.10.1.103	8080
760	ENG-WS-028	2026-02-18T01:46:09.714Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	udp	10.10.2.128	55330	10.10.1.139	53
761	ENG-WS-028	2026-02-11T16:21:45.633Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.2.128	53014	69.127.7.180	53
762	ENG-WS-028	2026-02-17T01:33:56.763Z	3	C:\Windows\System32\taskhostw.exe	ACME\emartinez	udp	10.10.2.128	50470	65.101.62.130	389
763	LEG-WS-029	2026-02-12T03:22:56.876Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.129	58154	194.208.71.186	80
764	LEG-WS-029	2026-02-16T07:32:58.214Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.129	57835	10.10.2.164	80
765	LEG-WS-029	2026-02-13T05:04:24.347Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.129	53746	10.10.1.118	389
766	LEG-WS-029	2026-02-19T07:21:35.829Z	3	C:\Windows\System32\code.exe	ACME\bwilson	tcp	10.10.3.129	53187	54.69.77.123	389
767	LEG-WS-029	2026-02-19T18:29:37.335Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.3.129	60020	205.167.19.100	3389	cloudflare.com
768	LEG-WS-029	2026-02-15T17:12:31.025Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.3.129	59734	130.217.206.180	389
769	LEG-WS-029	2026-02-18T12:23:31.773Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.129	61461	218.4.231.101	443
770	LEG-WS-029	2026-02-19T14:05:24.742Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	tcp	10.10.3.129	64483	10.10.3.114	445
771	LEG-WS-029	2026-02-20T17:20:03.901Z	3	C:\Windows\System32\code.exe	ACME\bwilson	tcp	10.10.3.129	54708	90.131.22.146	3389
772	LEG-WS-029	2026-02-14T10:18:27.451Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	udp	10.10.3.129	59112	190.126.100.218	443
773	LEG-WS-029	2026-02-18T02:57:05.807Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.3.129	64662	10.10.3.135	389	draftkings.com
774	LEG-WS-029	2026-02-18T18:38:36.853Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	udp	10.10.3.129	54744	10.10.3.147	445
775	LEG-WS-029	2026-02-18T00:59:32.181Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.3.129	55829	92.161.56.38	445	acme.local
776	LEG-WS-029	2026-02-13T12:57:11.584Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.129	60188	10.10.1.142	80
777	LEG-WS-029	2026-02-11T02:59:48.182Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	udp	10.10.3.129	59475	10.10.3.129	80
778	LEG-WS-029	2026-02-13T02:48:59.355Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.129	51929	58.87.79.205	3389	graph.microsoft.com
779	LEG-WS-029	2026-02-17T23:18:15.496Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	tcp	10.10.3.129	62903	10.10.1.139	53
780	LEG-WS-029	2026-02-17T15:03:58.787Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	udp	10.10.3.129	60834	10.10.1.13	80
781	LEG-WS-029	2026-02-13T15:36:20.732Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.129	54349	10.10.3.135	53
782	LEG-WS-029	2026-02-11T17:14:55.945Z	3	C:\Windows\System32\System	ACME\bwilson	tcp	10.10.3.129	61293	10.10.1.10	80
783	MKT-WS-030	2026-02-15T06:55:52.290Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	udp	10.10.1.130	63340	10.10.1.139	3389
784	MKT-WS-030	2026-02-14T23:36:05.542Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	udp	10.10.1.130	60990	10.10.3.132	3389
785	MKT-WS-030	2026-02-19T04:52:39.582Z	3	C:\Windows\System32\services.exe	ACME\fthompson	udp	10.10.1.130	63720	220.152.118.27	80	windowsupdate.com
786	MKT-WS-030	2026-02-20T11:03:42.128Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.1.130	54620	92.103.171.46	8080
787	MKT-WS-030	2026-02-16T15:34:54.262Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.1.130	64030	10.10.1.160	3389
788	MKT-WS-030	2026-02-11T19:40:12.660Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	tcp	10.10.1.130	64611	10.10.1.142	80
789	MKT-WS-030	2026-02-13T10:51:46.421Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.1.130	63700	10.10.1.160	389
790	MKT-WS-030	2026-02-20T05:26:24.683Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	udp	10.10.1.130	58974	64.108.140.22	8080
791	MKT-WS-030	2026-02-15T02:04:00.746Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	tcp	10.10.1.130	49353	10.10.3.174	445
792	MKT-WS-030	2026-02-17T17:01:14.267Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.1.130	64741	10.10.3.144	53	www.bet365.com
793	MKT-WS-030	2026-02-19T04:49:31.620Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	udp	10.10.1.130	51216	10.10.1.106	443
794	MKT-WS-030	2026-02-15T10:14:47.651Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.1.130	63368	10.10.2.131	53
795	MKT-WS-030	2026-02-15T05:51:46.476Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	udp	10.10.1.130	63520	10.10.3.141	8080
796	MKT-WS-030	2026-02-15T19:22:14.433Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.1.130	53051	10.10.2.137	3389
797	MKT-WS-030	2026-02-12T23:40:35.558Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	tcp	10.10.1.130	61070	217.52.221.4	3389
798	EXEC-WS-031	2026-02-18T13:34:41.040Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.2.131	63296	28.0.24.107	80
799	EXEC-WS-031	2026-02-17T03:43:02.009Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_backup	udp	10.10.2.131	55354	176.135.187.57	53	update.microsoft.com
800	EXEC-WS-031	2026-02-12T21:26:15.499Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.2.131	58849	71.78.43.254	443
801	EXEC-WS-031	2026-02-18T08:40:11.977Z	3	C:\Windows\System32\dwm.exe	ACME\svc_backup	udp	10.10.2.131	58893	10.10.1.163	80
802	EXEC-WS-031	2026-02-16T22:08:37.242Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	udp	10.10.2.131	57884	10.10.1.121	53
803	EXEC-WS-031	2026-02-11T21:37:26.370Z	3	C:\Windows\System32\dwm.exe	ACME\svc_backup	udp	10.10.2.131	64125	10.10.2.104	389
804	EXEC-WS-031	2026-02-13T22:55:52.777Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_backup	udp	10.10.2.131	54044	10.10.2.125	443	acme.sharepoint.com
805	EXEC-WS-031	2026-02-20T06:27:07.955Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.131	60427	138.146.31.60	445
806	EXEC-WS-031	2026-02-15T02:17:18.217Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	tcp	10.10.2.131	49645	10.10.1.139	8080
807	EXEC-WS-031	2026-02-11T01:30:08.501Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	tcp	10.10.2.131	55948	10.10.3.105	389
808	EXEC-WS-031	2026-02-14T02:13:01.369Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.2.131	62249	168.176.34.67	53
809	EXEC-WS-031	2026-02-12T04:32:56.934Z	3	C:\Windows\System32\System	ACME\svc_backup	udp	10.10.2.131	56730	10.10.3.159	3389
810	EXEC-WS-031	2026-02-19T20:33:01.748Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	tcp	10.10.2.131	52710	200.199.248.55	3389
811	EXEC-WS-031	2026-02-11T18:36:34.836Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	udp	10.10.2.131	59093	204.61.244.212	3389
812	EXEC-WS-031	2026-02-13T23:24:03.881Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	udp	10.10.2.131	49882	10.10.2.116	80
813	EXEC-WS-031	2026-02-12T02:39:34.841Z	3	C:\Windows\System32\smss.exe	ACME\svc_backup	tcp	10.10.2.131	50445	150.7.47.3	80
814	EXEC-WS-031	2026-02-16T04:14:27.011Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.131	59154	10.10.1.130	80
815	EXEC-WS-031	2026-02-19T18:08:25.894Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	udp	10.10.2.131	54919	10.216.0.116	8080
816	EXEC-WS-031	2026-02-16T00:19:16.514Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.2.131	50572	10.10.3.108	443
817	EXEC-WS-031	2026-02-13T08:37:41.159Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	tcp	10.10.2.131	59781	10.10.2.11	445
818	EXEC-WS-031	2026-02-13T04:36:57.169Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.131	54402	131.113.4.80	8080
819	EXEC-WS-031	2026-02-16T01:16:10.831Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	udp	10.10.2.131	54478	24.110.18.18	443
820	EXEC-WS-031	2026-02-12T08:00:11.752Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	tcp	10.10.2.131	58419	10.10.1.109	445
821	EXEC-WS-031	2026-02-20T04:09:33.514Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	tcp	10.10.2.131	51470	10.10.2.146	389
822	EXEC-WS-031	2026-02-16T13:55:08.492Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_backup	udp	10.10.2.131	55732	10.10.2.140	53
823	EXEC-WS-031	2026-02-11T10:36:15.681Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	udp	10.10.2.131	64148	126.50.220.142	80	google.com
824	EXEC-WS-031	2026-02-14T02:33:26.599Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.131	50847	10.10.1.106	443
825	EXEC-WS-031	2026-02-15T01:22:26.844Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	udp	10.10.2.131	53847	10.10.3.105	80
826	EXEC-WS-031	2026-02-14T22:36:31.510Z	3	C:\Windows\System32\svchost.exe	ACME\svc_backup	tcp	10.10.2.131	57702	82.157.125.85	8080
827	EXEC-WS-031	2026-02-17T19:39:43.871Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.2.131	63611	180.76.78.157	445
828	EXEC-WS-031	2026-02-15T16:33:52.617Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	tcp	10.10.2.131	53011	172.165.43.174	8080
829	IT-WS-032	2026-02-13T01:24:36.725Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.3.132	54035	216.219.29.240	445
830	IT-WS-032	2026-02-15T21:03:14.910Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.3.132	60211	22.202.60.85	80
831	IT-WS-032	2026-02-20T06:01:00.945Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	tcp	10.10.3.132	57509	210.6.255.137	80
832	IT-WS-032	2026-02-10T16:31:34.418Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	tcp	10.10.3.132	62110	116.10.118.78	443
833	IT-WS-032	2026-02-17T05:42:17.714Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.3.132	50569	173.209.144.97	3389
834	IT-WS-032	2026-02-20T03:36:04.424Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.3.132	59611	112.85.47.145	389
835	IT-WS-032	2026-02-16T11:29:48.788Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.3.132	60998	101.130.226.16	445
836	IT-WS-032	2026-02-13T07:21:42.429Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.132	59611	118.39.129.76	8080
837	IT-WS-032	2026-02-15T04:16:28.713Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.3.132	49231	52.57.54.197	8080
838	IT-WS-032	2026-02-10T17:10:55.999Z	3	C:\Windows\System32\services.exe	ACME\svc_web	udp	10.10.3.132	62284	10.10.1.145	389
839	IT-WS-032	2026-02-10T22:45:00.987Z	3	C:\Windows\System32\svchost.exe	ACME\svc_web	tcp	10.10.3.132	59379	59.103.152.144	3389
840	IT-WS-032	2026-02-17T20:19:17.768Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.3.132	52199	10.10.2.161	445
841	IT-WS-032	2026-02-20T02:37:47.611Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.3.132	63692	129.49.43.93	3389
842	IT-WS-032	2026-02-20T14:01:14.023Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	tcp	10.10.3.132	61936	154.174.126.212	443
843	IT-WS-032	2026-02-18T18:48:03.559Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.3.132	65298	10.10.2.110	80
844	IT-WS-032	2026-02-18T15:44:50.059Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.132	55180	10.10.2.107	80
845	IT-WS-032	2026-02-16T10:48:25.100Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.132	60612	41.48.93.138	53
846	IT-WS-032	2026-02-12T04:24:47.049Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.3.132	59660	12.163.144.234	389
847	IT-WS-032	2026-02-17T17:03:02.670Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	tcp	10.10.3.132	54848	10.10.1.136	80
848	IT-WS-032	2026-02-17T22:44:43.923Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	tcp	10.10.3.132	51859	10.10.2.104	445
849	IT-WS-032	2026-02-14T05:03:04.611Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.3.132	64358	42.124.109.103	443
850	IT-WS-032	2026-02-14T18:03:22.693Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.132	51491	10.10.2.128	53
851	IT-WS-032	2026-02-14T03:49:06.636Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_web	udp	10.10.3.132	55554	10.10.1.157	8080
852	IT-WS-032	2026-02-11T06:24:07.777Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.3.132	49324	10.10.2.113	445
853	IT-WS-032	2026-02-14T06:14:21.217Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	tcp	10.10.3.132	56619	152.214.49.45	8080
854	IT-WS-032	2026-02-14T22:42:33.061Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.132	53469	10.10.1.10	443
855	IT-WS-032	2026-02-17T00:14:15.917Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	udp	10.10.3.132	64251	129.161.18.116	53
856	IT-WS-032	2026-02-16T22:03:19.373Z	3	C:\Windows\System32\code.exe	ACME\svc_web	tcp	10.10.3.132	52604	10.10.1.127	443
857	IT-WS-032	2026-02-18T17:41:28.714Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.3.132	58331	2.25.52.193	80
858	IT-WS-032	2026-02-18T04:16:24.099Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.3.132	51643	176.77.71.22	80	google.com
859	IT-WS-032	2026-02-14T13:47:30.964Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.132	56575	10.10.2.107	53
860	IT-WS-032	2026-02-13T11:19:26.595Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.132	53376	182.138.29.7	3389
861	IT-WS-032	2026-02-18T17:48:03.560Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.132	59209	142.200.5.104	53
862	IT-WS-032	2026-02-16T15:51:11.633Z	3	C:\Windows\System32\svchost.exe	ACME\svc_web	udp	10.10.3.132	63663	10.10.1.118	445
863	IT-WS-032	2026-02-16T06:12:41.652Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.3.132	62851	10.10.2.158	53
864	IT-WS-032	2026-02-10T21:04:35.871Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.3.132	57173	10.10.3.10	8080
865	IT-WS-032	2026-02-12T15:38:28.167Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.3.132	59125	10.10.2.11	53
866	HR-WS-033	2026-02-18T05:17:04.331Z	3	C:\Windows\System32\smss.exe	ACME\admin	tcp	10.10.1.133	55667	10.10.1.118	53	google.com
867	HR-WS-033	2026-02-19T18:26:19.870Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	tcp	10.10.1.133	61718	10.10.1.160	443
868	HR-WS-033	2026-02-14T18:54:13.754Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.133	49378	10.10.2.104	53
869	HR-WS-033	2026-02-18T07:54:31.088Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.1.133	61431	10.10.1.109	445
870	HR-WS-033	2026-02-11T23:21:20.622Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.1.133	62047	136.75.190.105	80
871	HR-WS-033	2026-02-10T13:22:34.720Z	3	C:\Windows\System32\services.exe	ACME\admin	tcp	10.10.1.133	65517	113.211.47.57	3389
872	HR-WS-033	2026-02-18T00:07:38.784Z	3	C:\Windows\System32\teams.exe	ACME\admin	tcp	10.10.1.133	51259	137.119.214.86	389	file-01.acme.local
873	HR-WS-033	2026-02-12T06:03:34.013Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.133	60803	143.81.162.135	443
874	HR-WS-033	2026-02-18T03:40:29.570Z	3	C:\Windows\System32\csrss.exe	ACME\admin	tcp	10.10.1.133	64719	10.10.1.124	8080
875	HR-WS-033	2026-02-11T21:13:13.324Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.133	57115	10.10.1.11	443
876	HR-WS-033	2026-02-16T02:59:05.813Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	udp	10.10.1.133	49175	10.10.2.161	389
877	HR-WS-033	2026-02-14T21:47:27.605Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.133	49364	211.92.213.23	445
878	HR-WS-033	2026-02-18T20:51:22.594Z	3	C:\Windows\System32\lsass.exe	ACME\admin	udp	10.10.1.133	52578	131.81.223.121	8080
879	HR-WS-033	2026-02-12T02:07:32.624Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.133	54454	10.10.1.106	53
880	HR-WS-033	2026-02-19T17:24:37.450Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.1.133	58610	102.225.79.178	80
881	HR-WS-033	2026-02-15T03:41:32.509Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	tcp	10.10.1.133	53642	10.10.2.152	53
882	HR-WS-033	2026-02-13T01:49:33.947Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.133	56668	196.178.170.219	80
883	HR-WS-033	2026-02-11T10:29:05.850Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.1.133	57299	153.176.117.41	80
884	HR-WS-033	2026-02-18T19:11:02.419Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.1.133	63085	185.194.188.68	445
885	HR-WS-033	2026-02-16T19:59:55.381Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.133	62630	10.10.3.111	445
886	HR-WS-033	2026-02-13T11:03:15.227Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.133	64123	122.51.231.168	3389
887	HR-WS-033	2026-02-17T06:22:49.698Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	udp	10.10.1.133	50546	10.10.2.161	80
888	HR-WS-033	2026-02-12T08:24:42.988Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.133	59217	17.183.28.3	443
889	HR-WS-033	2026-02-13T15:58:25.777Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.1.133	55477	10.10.1.142	53
890	HR-WS-033	2026-02-11T01:51:42.670Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.133	49691	10.10.3.132	445
891	HR-WS-033	2026-02-11T00:33:21.414Z	3	C:\Windows\System32\svchost.exe	ACME\admin	tcp	10.10.1.133	61851	10.10.1.112	3389	time.windows.com
892	HR-WS-033	2026-02-16T18:47:17.482Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.1.133	58108	10.10.3.111	8080
893	HR-WS-033	2026-02-19T17:03:13.514Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.1.133	60428	10.10.2.164	80
894	HR-WS-033	2026-02-14T16:35:17.933Z	3	C:\Windows\System32\System	ACME\admin	tcp	10.10.1.133	62239	10.4.18.17	443	graph.microsoft.com
895	HR-WS-033	2026-02-19T12:43:40.252Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.133	50926	10.10.1.169	8080
896	HR-WS-033	2026-02-14T12:13:42.305Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.1.133	50323	10.10.1.136	3389
897	HR-WS-033	2026-02-19T03:50:41.498Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.133	53273	10.10.2.119	80
898	FIN-WS-034	2026-02-19T17:22:27.964Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.2.134	60412	10.10.2.161	389
899	FIN-WS-034	2026-02-11T15:04:38.658Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.2.134	64031	108.62.103.177	8080
900	FIN-WS-034	2026-02-11T13:15:26.635Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.2.134	59175	80.43.215.235	3389
901	FIN-WS-034	2026-02-17T00:08:08.274Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.134	62956	10.10.3.111	3389	akamai.net
902	FIN-WS-034	2026-02-17T07:14:54.233Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.2.134	59913	10.10.1.109	3389	teams.microsoft.com
903	FIN-WS-034	2026-02-17T08:38:15.272Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.2.134	65049	10.10.3.102	443
904	FIN-WS-034	2026-02-17T14:51:48.045Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.2.134	53073	10.10.2.122	8080
905	FIN-WS-034	2026-02-14T16:59:24.496Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	tcp	10.10.2.134	63148	54.173.168.115	80
906	FIN-WS-034	2026-02-17T13:20:00.761Z	3	C:\Windows\System32\services.exe	ACME\idavis	udp	10.10.2.134	53648	10.10.2.122	8080
907	FIN-WS-034	2026-02-16T19:54:40.411Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	udp	10.10.2.134	58337	10.10.3.150	53	login.microsoftonline.com
908	FIN-WS-034	2026-02-18T20:25:15.703Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.134	59198	150.162.79.168	8080
909	FIN-WS-034	2026-02-16T16:05:41.861Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.2.134	64819	165.218.96.254	443
910	FIN-WS-034	2026-02-12T20:57:51.573Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	tcp	10.10.2.134	50262	10.10.2.11	443
911	FIN-WS-034	2026-02-13T09:39:01.465Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.2.134	49550	10.10.3.129	445
912	FIN-WS-034	2026-02-11T22:57:07.840Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.2.134	50141	75.185.97.137	389
913	FIN-WS-034	2026-02-20T14:56:30.903Z	3	C:\Windows\System32\explorer.exe	ACME\idavis	tcp	10.10.2.134	63177	199.164.248.254	445
914	FIN-WS-034	2026-02-14T06:05:36.689Z	3	C:\Windows\System32\System	ACME\idavis	tcp	10.10.2.134	64414	10.10.2.167	389
915	FIN-WS-034	2026-02-13T12:41:58.179Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.2.134	56329	12.182.62.178	443
916	FIN-WS-034	2026-02-12T02:26:34.874Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.2.134	57280	10.10.3.165	3389
917	FIN-WS-034	2026-02-19T02:49:15.330Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.2.134	60982	10.10.1.13	389
918	FIN-WS-034	2026-02-13T11:23:15.123Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.2.134	53191	10.10.2.107	53
919	FIN-WS-034	2026-02-17T03:24:24.381Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.2.134	55652	209.38.225.192	80
920	FIN-WS-034	2026-02-16T22:48:26.583Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.2.134	56421	10.10.2.113	443
921	FIN-WS-034	2026-02-19T16:02:47.958Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.2.134	61242	205.252.122.109	3389
922	SLS-WS-035	2026-02-15T04:23:41.236Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.135	64539	130.36.151.193	80	googleapis.com
923	SLS-WS-035	2026-02-17T11:19:50.696Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.135	62350	54.253.64.30	80
924	SLS-WS-035	2026-02-16T16:26:58.469Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	tcp	10.10.3.135	63959	10.10.2.164	443
925	SLS-WS-035	2026-02-20T12:57:24.172Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	tcp	10.10.3.135	64343	10.10.3.123	443
926	SLS-WS-035	2026-02-19T06:04:59.546Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	tcp	10.10.3.135	65182	56.171.186.99	3389
927	SLS-WS-035	2026-02-10T12:12:12.440Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.3.135	50966	10.10.2.107	8080
928	SLS-WS-035	2026-02-10T22:12:41.274Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.3.135	56790	10.10.2.137	53	windowsupdate.com
929	SLS-WS-035	2026-02-11T00:58:51.382Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.135	51892	10.10.1.121	53
930	SLS-WS-035	2026-02-10T15:59:59.421Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.3.135	51374	10.10.3.165	8080
931	SLS-WS-035	2026-02-12T12:05:28.488Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.135	63708	167.45.110.155	8080
932	SLS-WS-035	2026-02-15T04:46:56.692Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	tcp	10.10.3.135	63923	165.148.168.25	8080
933	SLS-WS-035	2026-02-18T06:27:53.649Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.3.135	50383	2.228.206.75	445
934	SLS-WS-035	2026-02-11T06:00:25.052Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.3.135	52983	166.189.79.185	80
935	SLS-WS-035	2026-02-20T17:09:11.026Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	tcp	10.10.3.135	54550	189.1.177.69	445
936	SLS-WS-035	2026-02-14T10:51:09.345Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	udp	10.10.3.135	59161	10.10.1.166	445
937	SLS-WS-035	2026-02-12T18:02:30.507Z	3	C:\Windows\System32\taskhostw.exe	ACME\bwilson	tcp	10.10.3.135	60169	10.10.1.109	53
938	SLS-WS-035	2026-02-14T02:05:24.535Z	3	C:\Windows\System32\spoolsv.exe	ACME\bwilson	udp	10.10.3.135	63908	82.4.186.190	3389
939	SLS-WS-035	2026-02-12T23:58:15.008Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	tcp	10.10.3.135	60324	221.4.151.109	53
940	SLS-WS-035	2026-02-10T08:42:54.526Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.3.135	58634	10.10.3.120	8080
941	SLS-WS-035	2026-02-17T07:19:12.461Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.135	55937	10.10.1.13	8080
942	SLS-WS-035	2026-02-10T20:57:07.056Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.3.135	63337	26.232.202.222	443
943	SLS-WS-035	2026-02-14T03:10:31.036Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	tcp	10.10.3.135	60759	211.216.217.224	8080
944	SLS-WS-035	2026-02-15T18:07:17.735Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.3.135	56865	10.10.3.111	389
945	SLS-WS-035	2026-02-19T15:26:48.553Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	udp	10.10.3.135	63013	89.61.176.27	445
946	SLS-WS-035	2026-02-12T03:08:58.892Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	udp	10.10.3.135	53357	209.3.133.139	8080
947	SLS-WS-035	2026-02-14T03:24:38.268Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.3.135	56867	111.7.21.21	3389
948	SLS-WS-035	2026-02-16T00:09:56.471Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.135	64105	10.10.1.166	3389
949	SLS-WS-035	2026-02-10T12:49:25.895Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.135	65244	10.10.2.119	445
950	SLS-WS-035	2026-02-10T14:48:48.755Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	udp	10.10.3.135	59639	71.135.220.23	443
951	SLS-WS-035	2026-02-13T04:23:52.454Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.3.135	51439	168.52.233.170	443
952	SLS-WS-035	2026-02-17T23:30:49.560Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.3.135	64941	83.3.97.19	443
953	SLS-WS-035	2026-02-14T22:25:18.960Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	tcp	10.10.3.135	63202	10.10.3.162	445
954	SLS-WS-035	2026-02-16T04:56:38.323Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	tcp	10.10.3.135	57521	10.10.3.123	53
955	SLS-WS-035	2026-02-15T11:44:14.186Z	3	C:\Windows\System32\services.exe	ACME\bwilson	udp	10.10.3.135	60550	193.242.71.137	8080
956	SLS-WS-035	2026-02-11T10:28:12.189Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	tcp	10.10.3.135	50659	185.102.254.172	443
957	SLS-WS-035	2026-02-14T00:06:54.137Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.3.135	62192	10.10.1.136	80
958	SLS-WS-035	2026-02-12T07:23:09.751Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.3.135	60452	12.184.71.209	53
959	SLS-WS-035	2026-02-11T13:45:11.732Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.3.135	63277	84.156.241.124	8080
960	SLS-WS-035	2026-02-16T06:36:42.509Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	udp	10.10.3.135	63816	76.197.110.87	389
961	SLS-WS-035	2026-02-13T06:49:57.096Z	3	C:\Windows\System32\OneDrive.exe	ACME\bwilson	udp	10.10.3.135	60707	176.206.204.246	80
962	SLS-WS-035	2026-02-18T06:41:25.073Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	tcp	10.10.3.135	65160	46.100.63.39	53
963	SLS-WS-035	2026-02-13T16:05:48.997Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	udp	10.10.3.135	54087	10.10.2.10	8080
964	SLS-WS-035	2026-02-15T14:53:50.331Z	3	C:\Windows\System32\code.exe	ACME\bwilson	tcp	10.10.3.135	57894	10.10.1.115	443
965	SLS-WS-035	2026-02-10T10:51:27.313Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.3.135	62080	82.9.148.135	445	npmjs.com
966	ENG-WS-036	2026-02-16T22:10:33.469Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.1.136	50165	69.15.65.144	3389
967	ENG-WS-036	2026-02-19T03:31:36.461Z	3	C:\Windows\System32\winlogon.exe	ACME\fthompson	udp	10.10.1.136	49961	56.118.164.40	8080
968	ENG-WS-036	2026-02-14T00:08:08.545Z	3	C:\Windows\System32\SearchHost.exe	ACME\fthompson	tcp	10.10.1.136	60946	174.254.80.18	445
969	ENG-WS-036	2026-02-16T16:12:50.771Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.1.136	50557	32.245.168.62	443
970	ENG-WS-036	2026-02-11T23:57:44.496Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.136	55952	220.143.122.158	445
971	ENG-WS-036	2026-02-10T10:33:51.788Z	3	C:\Windows\System32\smss.exe	ACME\fthompson	tcp	10.10.1.136	50075	87.225.55.122	3389
972	ENG-WS-036	2026-02-16T01:05:46.076Z	3	C:\Windows\System32\notepad.exe	ACME\fthompson	udp	10.10.1.136	59187	10.10.2.10	389
973	ENG-WS-036	2026-02-19T20:50:47.805Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.136	52338	140.232.162.232	389
974	ENG-WS-036	2026-02-17T16:35:12.802Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.1.136	54215	10.10.1.112	80
975	ENG-WS-036	2026-02-11T19:30:35.298Z	3	C:\Windows\System32\code.exe	ACME\fthompson	udp	10.10.1.136	58621	180.210.51.219	445
976	ENG-WS-036	2026-02-14T13:36:20.595Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.1.136	55347	17.7.65.16	443
977	ENG-WS-036	2026-02-14T05:08:42.324Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	udp	10.10.1.136	64632	143.189.244.202	80
978	ENG-WS-036	2026-02-17T07:41:03.947Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	udp	10.10.1.136	62942	41.221.122.219	389
979	ENG-WS-036	2026-02-14T20:37:46.767Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.1.136	49827	10.10.1.127	389	cdn.jsdelivr.net
980	ENG-WS-036	2026-02-17T04:11:01.291Z	3	C:\Windows\System32\notepad.exe	ACME\fthompson	udp	10.10.1.136	61537	18.81.107.185	445
981	ENG-WS-036	2026-02-15T11:28:25.070Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	tcp	10.10.1.136	49875	10.10.3.102	80
982	ENG-WS-036	2026-02-13T05:34:43.366Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	tcp	10.10.1.136	56243	148.14.228.72	53
983	ENG-WS-036	2026-02-11T11:20:36.133Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	udp	10.10.1.136	56466	8.242.32.207	3389
984	ENG-WS-036	2026-02-15T22:25:17.664Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.1.136	49996	10.10.2.167	3389
985	ENG-WS-036	2026-02-11T17:07:45.571Z	3	C:\Program Files\chrome.exe	ACME\fthompson	tcp	10.10.1.136	62496	10.10.2.170	389
986	ENG-WS-036	2026-02-10T23:56:53.513Z	3	C:\Windows\System32\winlogon.exe	ACME\fthompson	udp	10.10.1.136	54500	10.10.2.11	443
987	ENG-WS-036	2026-02-11T01:31:27.909Z	3	C:\Windows\System32\dwm.exe	ACME\fthompson	udp	10.10.1.136	62275	197.93.31.224	53
988	ENG-WS-036	2026-02-12T20:42:23.169Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	udp	10.10.1.136	56005	18.237.134.126	3389
989	ENG-WS-036	2026-02-16T22:09:27.430Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	udp	10.10.1.136	49406	10.10.3.168	443
990	ENG-WS-036	2026-02-17T12:51:07.067Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	udp	10.10.1.136	62452	10.10.3.114	53	draftkings.com
991	ENG-WS-036	2026-02-14T14:07:21.039Z	3	C:\Windows\System32\SearchHost.exe	ACME\fthompson	tcp	10.10.1.136	62730	10.10.3.147	443
992	ENG-WS-036	2026-02-17T12:58:21.467Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	udp	10.10.1.136	56873	10.10.2.134	3389
993	ENG-WS-036	2026-02-14T15:29:00.923Z	3	C:\Windows\System32\code.exe	ACME\fthompson	tcp	10.10.1.136	63447	223.126.254.18	80
994	ENG-WS-036	2026-02-19T09:27:30.843Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.136	51788	10.10.2.116	389
995	ENG-WS-036	2026-02-13T02:44:40.314Z	3	C:\Windows\System32\MsMpEng.exe	ACME\fthompson	tcp	10.10.1.136	50947	17.210.196.168	53
996	ENG-WS-036	2026-02-18T18:38:45.623Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	tcp	10.10.1.136	50291	10.10.3.117	3389
997	ENG-WS-036	2026-02-18T06:28:06.661Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.136	55447	210.151.91.163	445
998	ENG-WS-036	2026-02-13T01:54:45.354Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.136	62680	103.156.214.212	53
999	ENG-WS-036	2026-02-19T16:07:56.921Z	3	C:\Windows\System32\smss.exe	ACME\fthompson	tcp	10.10.1.136	64797	10.10.1.160	3389
1000	ENG-WS-036	2026-02-16T03:28:53.151Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	udp	10.10.1.136	50635	16.79.188.28	443
1001	ENG-WS-036	2026-02-12T02:55:46.329Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	tcp	10.10.1.136	51560	61.134.149.18	443
1002	ENG-WS-036	2026-02-15T02:38:53.884Z	3	C:\Program Files\chrome.exe	ACME\fthompson	udp	10.10.1.136	54856	106.12.71.39	445
1003	ENG-WS-036	2026-02-11T22:13:12.271Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	tcp	10.10.1.136	54729	145.100.113.171	389
1004	ENG-WS-036	2026-02-19T01:50:10.474Z	3	C:\Windows\System32\teams.exe	ACME\fthompson	tcp	10.10.1.136	58017	10.10.1.106	80
1005	ENG-WS-036	2026-02-18T16:01:31.667Z	3	C:\Windows\System32\notepad.exe	ACME\fthompson	tcp	10.10.1.136	57365	10.10.2.152	445
1006	ENG-WS-036	2026-02-14T12:16:00.816Z	3	C:\Windows\System32\services.exe	ACME\fthompson	tcp	10.10.1.136	57943	10.10.3.123	53	google.com
1007	LEG-WS-037	2026-02-15T02:17:53.846Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.2.137	65243	163.86.221.185	443
1008	LEG-WS-037	2026-02-13T15:04:43.336Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.137	57886	10.10.1.163	80	windowsupdate.com
1009	LEG-WS-037	2026-02-14T16:06:14.955Z	3	C:\Windows\System32\SearchHost.exe	ACME\jsmith	tcp	10.10.2.137	53824	10.10.1.169	3389	draftkings.com
1010	LEG-WS-037	2026-02-18T06:12:29.285Z	3	C:\Windows\System32\taskhostw.exe	ACME\jsmith	tcp	10.10.2.137	63872	160.116.60.38	389	aws.amazon.com
1011	LEG-WS-037	2026-02-17T07:51:44.564Z	3	C:\Windows\System32\taskhostw.exe	ACME\jsmith	udp	10.10.2.137	58080	10.10.2.131	80
1012	LEG-WS-037	2026-02-12T05:50:00.632Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.137	55121	10.10.2.110	443	akamai.net
1013	LEG-WS-037	2026-02-16T17:46:45.434Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.137	53897	10.10.2.125	8080	exch-01.acme.local
1014	LEG-WS-037	2026-02-12T01:35:18.703Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.137	55762	10.10.3.108	389
1015	LEG-WS-037	2026-02-12T22:09:39.133Z	3	C:\Windows\System32\dwm.exe	ACME\jsmith	udp	10.10.2.137	61727	157.6.231.197	443
1016	LEG-WS-037	2026-02-18T18:54:09.072Z	3	C:\Windows\System32\MsMpEng.exe	ACME\jsmith	tcp	10.10.2.137	53659	209.173.148.184	80
1017	LEG-WS-037	2026-02-16T10:14:30.036Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.2.137	54301	10.10.1.172	445
1018	LEG-WS-037	2026-02-12T07:38:52.212Z	3	C:\Program Files\chrome.exe	ACME\jsmith	tcp	10.10.2.137	56769	10.10.1.121	389
1019	LEG-WS-037	2026-02-19T02:22:05.517Z	3	C:\Windows\System32\explorer.exe	ACME\jsmith	tcp	10.10.2.137	51153	14.4.19.56	389	googleapis.com
1020	LEG-WS-037	2026-02-19T05:02:00.221Z	3	C:\Windows\System32\teams.exe	ACME\jsmith	udp	10.10.2.137	52595	210.86.57.198	53
1021	LEG-WS-037	2026-02-20T12:02:12.457Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	tcp	10.10.2.137	62060	10.10.3.147	443
1022	LEG-WS-037	2026-02-10T20:20:49.491Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.137	52076	10.10.3.129	53
1023	LEG-WS-037	2026-02-17T17:10:17.666Z	3	C:\Windows\System32\teams.exe	ACME\jsmith	tcp	10.10.2.137	64536	45.26.184.141	80
1024	LEG-WS-037	2026-02-12T13:36:24.819Z	3	C:\Windows\System32\dwm.exe	ACME\jsmith	udp	10.10.2.137	54084	10.10.1.12	53
1025	LEG-WS-037	2026-02-15T15:40:03.537Z	3	C:\Windows\System32\SearchHost.exe	ACME\jsmith	tcp	10.10.2.137	55172	10.10.1.124	80
1026	LEG-WS-037	2026-02-20T08:47:40.919Z	3	C:\Windows\System32\svchost.exe	ACME\jsmith	udp	10.10.2.137	51137	4.54.149.58	389
1027	LEG-WS-037	2026-02-17T19:46:49.473Z	3	C:\Windows\System32\svchost.exe	ACME\jsmith	tcp	10.10.2.137	54412	10.10.1.106	53
1028	MKT-WS-038	2026-02-12T15:08:42.686Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	udp	10.10.3.138	65531	9.6.189.69	53	graph.microsoft.com
1029	MKT-WS-038	2026-02-17T11:16:45.161Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.3.138	61023	195.62.120.240	80
1030	MKT-WS-038	2026-02-16T09:00:22.072Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	tcp	10.10.3.138	60479	10.10.3.129	3389
1031	MKT-WS-038	2026-02-17T02:05:45.314Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.3.138	52505	10.10.3.171	445
1032	MKT-WS-038	2026-02-11T19:38:27.439Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.3.138	58719	10.10.3.126	3389
1033	MKT-WS-038	2026-02-16T12:11:33.011Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.3.138	57879	119.101.163.145	3389
1034	MKT-WS-038	2026-02-12T19:05:48.793Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.3.138	51995	10.10.2.11	389
1035	MKT-WS-038	2026-02-11T07:41:19.111Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.3.138	58959	10.10.3.171	53
1036	MKT-WS-038	2026-02-17T11:04:56.202Z	3	C:\Windows\System32\lsass.exe	ACME\cjohnson	tcp	10.10.3.138	62704	10.10.1.166	445
1037	MKT-WS-038	2026-02-18T05:34:58.469Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	tcp	10.10.3.138	59206	10.10.3.120	389
1038	MKT-WS-038	2026-02-19T10:18:20.030Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	tcp	10.10.3.138	59878	42.182.85.91	443
1039	MKT-WS-038	2026-02-12T13:01:27.031Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	tcp	10.10.3.138	51337	206.110.33.251	53
1040	MKT-WS-038	2026-02-12T18:41:13.150Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	tcp	10.10.3.138	55227	10.10.2.158	3389
1041	MKT-WS-038	2026-02-15T00:57:58.074Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.3.138	61192	10.10.1.139	53
1042	MKT-WS-038	2026-02-20T10:46:07.695Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	tcp	10.10.3.138	53109	10.10.2.116	445	graph.microsoft.com
1043	MKT-WS-038	2026-02-14T00:38:00.126Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.138	53009	5.248.152.171	3389
1044	MKT-WS-038	2026-02-13T17:36:33.512Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.3.138	50757	10.10.3.168	8080
1045	MKT-WS-038	2026-02-13T22:40:47.159Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.138	52216	138.9.99.4	80
1046	MKT-WS-038	2026-02-11T10:07:51.736Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	tcp	10.10.3.138	52047	10.10.2.11	8080
1047	MKT-WS-038	2026-02-14T16:41:43.634Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	udp	10.10.3.138	63277	35.233.39.12	80
1048	MKT-WS-038	2026-02-17T18:02:29.865Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	udp	10.10.3.138	63199	10.10.1.145	3389	googleapis.com
1049	MKT-WS-038	2026-02-13T18:35:28.972Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	udp	10.10.3.138	55061	222.173.165.167	445
1050	MKT-WS-038	2026-02-13T20:10:22.591Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	udp	10.10.3.138	57550	16.15.52.97	53
1051	MKT-WS-038	2026-02-19T01:44:51.466Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.3.138	50122	17.195.84.57	53
1052	MKT-WS-038	2026-02-13T14:08:13.083Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.138	56696	167.87.22.135	80	googleapis.com
1053	MKT-WS-038	2026-02-19T19:51:55.022Z	3	C:\Windows\System32\SearchHost.exe	ACME\cjohnson	udp	10.10.3.138	58141	10.10.2.170	80
1054	MKT-WS-038	2026-02-11T20:57:01.607Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	tcp	10.10.3.138	52789	10.10.2.107	445
1055	MKT-WS-038	2026-02-11T21:46:11.669Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	tcp	10.10.3.138	56088	79.64.211.188	3389
1056	MKT-WS-038	2026-02-16T16:06:52.414Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	tcp	10.10.3.138	57269	10.10.1.118	8080
1057	MKT-WS-038	2026-02-16T11:35:48.727Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.3.138	51961	10.10.3.105	443
1058	MKT-WS-038	2026-02-13T15:45:44.579Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	udp	10.10.3.138	56861	72.77.101.102	443
1059	MKT-WS-038	2026-02-10T21:07:44.438Z	3	C:\Windows\System32\services.exe	ACME\cjohnson	udp	10.10.3.138	59977	32.231.52.43	53	acme.sharepoint.com
1060	MKT-WS-038	2026-02-16T01:35:05.179Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.3.138	50058	10.10.3.114	445
1061	MKT-WS-038	2026-02-12T21:54:15.993Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	udp	10.10.3.138	59634	221.203.101.6	3389
1062	MKT-WS-038	2026-02-16T03:06:26.381Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.138	55476	116.196.41.60	53
1063	MKT-WS-038	2026-02-12T03:01:11.536Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.3.138	49527	10.10.1.112	53	acme.sharepoint.com
1064	MKT-WS-038	2026-02-18T05:13:11.339Z	3	C:\Windows\System32\services.exe	ACME\cjohnson	tcp	10.10.3.138	52066	92.145.50.75	80
1065	MKT-WS-038	2026-02-18T22:29:20.986Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.3.138	53561	10.10.1.112	3389
1066	MKT-WS-038	2026-02-15T07:13:18.128Z	3	C:\Windows\System32\System	ACME\cjohnson	udp	10.10.3.138	62132	10.10.2.125	3389
1067	MKT-WS-038	2026-02-17T04:59:27.170Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	tcp	10.10.3.138	52676	10.10.1.166	80
1068	MKT-WS-038	2026-02-13T06:31:46.052Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.3.138	50700	10.10.3.108	389
1069	MKT-WS-038	2026-02-19T15:12:47.100Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	tcp	10.10.3.138	55033	199.207.38.38	443
1070	MKT-WS-038	2026-02-19T03:14:50.884Z	3	C:\Windows\System32\services.exe	ACME\cjohnson	udp	10.10.3.138	54718	145.180.45.242	389
1071	MKT-WS-038	2026-02-10T17:20:41.750Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	udp	10.10.3.138	65088	37.13.189.45	8080
1072	MKT-WS-038	2026-02-20T13:26:08.295Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	udp	10.10.3.138	49806	144.255.181.184	3389
1073	MKT-WS-038	2026-02-18T20:47:37.892Z	3	C:\Windows\System32\System	ACME\cjohnson	udp	10.10.3.138	58807	198.9.37.51	445
1074	MKT-WS-038	2026-02-13T01:37:55.220Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.138	64017	10.10.3.123	80
1075	MKT-WS-038	2026-02-16T09:54:41.333Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	tcp	10.10.3.138	63111	10.10.3.159	443
1076	MKT-WS-038	2026-02-15T08:16:15.816Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.3.138	52943	180.152.243.240	445
1077	EXEC-WS-039	2026-02-13T01:33:22.336Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	tcp	10.10.1.139	51986	151.186.28.91	3389
1078	EXEC-WS-039	2026-02-16T19:13:47.492Z	3	C:\Windows\System32\csrss.exe	ACME\admin	tcp	10.10.1.139	64867	10.10.3.10	80
1079	EXEC-WS-039	2026-02-16T06:08:20.087Z	3	C:\Windows\System32\services.exe	ACME\admin	udp	10.10.1.139	56277	114.146.31.120	53
1080	EXEC-WS-039	2026-02-15T18:11:45.124Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	59733	7.3.102.171	389	dc-01.acme.local
1081	EXEC-WS-039	2026-02-16T09:52:11.122Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	tcp	10.10.1.139	50533	99.124.201.97	389
1082	EXEC-WS-039	2026-02-15T17:46:12.773Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	udp	10.10.1.139	53214	1.244.119.161	53
1083	EXEC-WS-039	2026-02-10T16:02:12.951Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.139	64051	10.10.3.168	8080
1084	EXEC-WS-039	2026-02-20T00:59:20.807Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.1.139	63151	10.10.1.13	389	pokerstars.com
1085	EXEC-WS-039	2026-02-16T04:00:48.173Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.1.139	63719	128.27.29.23	3389
1086	EXEC-WS-039	2026-02-11T13:24:05.224Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.139	50955	149.46.127.160	3389
1087	EXEC-WS-039	2026-02-20T11:30:06.502Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.139	64689	76.199.192.151	389
1088	EXEC-WS-039	2026-02-15T19:10:42.755Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	tcp	10.10.1.139	57257	10.10.2.10	3389
1089	EXEC-WS-039	2026-02-13T23:23:26.184Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.1.139	59968	151.181.142.162	443	update.microsoft.com
1090	EXEC-WS-039	2026-02-18T02:57:16.002Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.139	52901	10.10.3.111	389
1091	EXEC-WS-039	2026-02-10T19:15:09.893Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	63346	10.10.1.151	389
1092	EXEC-WS-039	2026-02-11T14:36:13.498Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	56529	212.111.108.48	3389
1093	EXEC-WS-039	2026-02-19T01:18:28.883Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.1.139	52447	131.136.243.34	53
1094	EXEC-WS-039	2026-02-19T20:18:53.271Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	51788	151.99.208.179	8080
1095	EXEC-WS-039	2026-02-11T06:10:58.140Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.1.139	53371	10.10.3.162	80
1096	EXEC-WS-039	2026-02-11T22:36:47.859Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.139	58265	10.10.3.108	8080
1097	EXEC-WS-039	2026-02-19T14:57:12.627Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.1.139	61644	204.61.89.99	445
1098	EXEC-WS-039	2026-02-18T14:35:42.170Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.1.139	60357	168.212.188.105	8080
1099	EXEC-WS-039	2026-02-18T02:46:21.314Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	tcp	10.10.1.139	58000	10.10.2.125	80
1100	EXEC-WS-039	2026-02-19T14:01:17.904Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.1.139	60889	123.251.201.122	443	npmjs.com
1101	EXEC-WS-039	2026-02-13T00:22:24.073Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.1.139	58969	10.10.1.157	8080
1102	EXEC-WS-039	2026-02-16T17:05:27.554Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.139	54950	51.111.154.175	389	windowsupdate.com
1103	EXEC-WS-039	2026-02-20T07:48:54.356Z	3	C:\Windows\System32\smss.exe	ACME\admin	tcp	10.10.1.139	50922	10.10.3.174	445
1104	EXEC-WS-039	2026-02-10T22:09:41.298Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.1.139	59455	18.171.184.155	443
1105	EXEC-WS-039	2026-02-15T04:00:46.808Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	50913	21.70.214.162	389
1106	EXEC-WS-039	2026-02-14T19:11:50.403Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.139	56869	2.120.105.228	8080
1107	EXEC-WS-039	2026-02-12T09:18:06.021Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.1.139	55114	33.247.40.176	389
1108	EXEC-WS-039	2026-02-15T14:27:46.594Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.1.139	49965	92.49.97.111	80
1109	EXEC-WS-039	2026-02-12T15:15:53.759Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.139	58712	10.10.1.103	53
1110	EXEC-WS-039	2026-02-12T04:35:45.655Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	udp	10.10.1.139	52916	95.32.208.53	80
1111	EXEC-WS-039	2026-02-16T17:51:38.011Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	tcp	10.10.1.139	62570	68.39.59.20	445
1112	EXEC-WS-039	2026-02-13T10:53:34.349Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.139	52380	3.55.60.40	53
1113	EXEC-WS-039	2026-02-18T19:55:52.529Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.1.139	50106	10.10.1.112	3389
1114	EXEC-WS-039	2026-02-10T23:09:49.684Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.139	50436	52.100.174.157	53
1115	EXEC-WS-039	2026-02-20T14:39:12.885Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.1.139	62597	10.10.1.163	389
1116	EXEC-WS-039	2026-02-10T21:19:58.074Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.1.139	53927	10.10.3.123	3389
1117	EXEC-WS-039	2026-02-18T04:39:49.360Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.1.139	62806	10.10.2.10	389
1118	EXEC-WS-039	2026-02-13T12:43:35.648Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.139	61390	177.29.206.155	389
1119	EXEC-WS-039	2026-02-10T14:48:56.546Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.139	63700	56.21.121.58	445
1120	EXEC-WS-039	2026-02-17T09:37:24.984Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.1.139	49366	10.10.1.127	445
1121	EXEC-WS-039	2026-02-12T21:54:07.080Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.139	54035	10.10.2.110	443
1122	EXEC-WS-039	2026-02-19T00:49:42.537Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.1.139	60783	10.10.3.138	3389
1123	EXEC-WS-039	2026-02-10T13:37:46.763Z	3	C:\Windows\System32\svchost.exe	ACME\admin	tcp	10.10.1.139	61462	28.84.5.216	443
1124	EXEC-WS-039	2026-02-11T17:37:47.617Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.1.139	54631	30.42.10.196	8080
1125	IT-WS-040	2026-02-15T20:52:58.580Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.2.140	57094	10.10.3.111	445
1126	IT-WS-040	2026-02-13T08:31:23.108Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.2.140	54160	128.97.179.144	443
1127	IT-WS-040	2026-02-14T08:13:18.893Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.140	51852	2.169.229.98	445
1128	IT-WS-040	2026-02-20T03:40:36.797Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.140	54941	10.10.2.140	53
1129	IT-WS-040	2026-02-19T05:22:04.290Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.2.140	53810	10.10.1.127	8080
1130	IT-WS-040	2026-02-11T07:22:16.694Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.140	54788	10.10.1.145	389
1131	IT-WS-040	2026-02-11T11:38:44.677Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.140	60103	46.224.42.103	8080
1132	IT-WS-040	2026-02-10T16:32:16.243Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.2.140	50929	10.10.2.110	8080
1133	IT-WS-040	2026-02-15T22:51:17.658Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.140	65244	10.10.1.118	8080
1134	IT-WS-040	2026-02-18T06:27:50.804Z	3	C:\Windows\System32\dwm.exe	ACME\admin	udp	10.10.2.140	49660	118.159.146.130	3389
1135	IT-WS-040	2026-02-12T13:49:01.820Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.2.140	55103	12.53.111.96	8080
1136	IT-WS-040	2026-02-16T05:54:46.772Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.140	53489	202.40.162.193	8080
1137	IT-WS-040	2026-02-14T13:05:10.740Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.140	49951	69.206.2.88	3389
1138	IT-WS-040	2026-02-16T07:04:16.314Z	3	C:\Windows\System32\notepad.exe	ACME\admin	udp	10.10.2.140	55692	10.10.3.114	53	outlook.office365.com
1139	IT-WS-040	2026-02-19T06:01:36.596Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.140	64043	10.10.1.11	8080
1140	IT-WS-040	2026-02-18T04:17:30.427Z	3	C:\Windows\System32\cmd.exe	ACME\admin	udp	10.10.2.140	53266	10.10.3.141	389
1141	IT-WS-040	2026-02-11T01:07:39.855Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.2.140	65099	10.10.2.119	3389
1142	IT-WS-040	2026-02-13T08:20:50.631Z	3	C:\Windows\System32\taskhostw.exe	ACME\admin	udp	10.10.2.140	54653	79.5.86.45	389
1143	IT-WS-040	2026-02-17T19:01:54.110Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	udp	10.10.2.140	64038	10.10.1.136	443
1144	IT-WS-040	2026-02-11T22:38:28.963Z	3	C:\Windows\System32\notepad.exe	ACME\admin	tcp	10.10.2.140	64277	133.191.171.170	443
1145	IT-WS-040	2026-02-11T03:49:50.181Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.2.140	59887	10.10.1.151	389	outlook.office365.com
1146	IT-WS-040	2026-02-11T12:47:02.176Z	3	C:\Windows\System32\lsass.exe	ACME\admin	tcp	10.10.2.140	56807	10.10.3.129	3389
1147	IT-WS-040	2026-02-12T21:03:53.127Z	3	C:\Windows\System32\svchost.exe	ACME\admin	udp	10.10.2.140	57080	28.100.26.190	443
1148	IT-WS-040	2026-02-15T08:38:58.214Z	3	C:\Windows\System32\System	ACME\admin	udp	10.10.2.140	53245	10.10.1.154	8080
1149	IT-WS-040	2026-02-12T23:31:23.317Z	3	C:\Windows\System32\powershell.exe	ACME\admin	udp	10.10.2.140	50214	147.44.93.44	53
1150	IT-WS-040	2026-02-13T00:19:01.785Z	3	C:\Windows\System32\explorer.exe	ACME\admin	udp	10.10.2.140	57682	10.10.1.139	53
1151	IT-WS-040	2026-02-16T17:50:57.564Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.140	60947	184.38.7.106	443
1152	IT-WS-040	2026-02-19T08:21:16.318Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.2.140	64261	59.87.209.199	80	login.microsoftonline.com
1153	IT-WS-040	2026-02-18T05:59:17.624Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.2.140	56651	10.10.2.155	389
1154	IT-WS-040	2026-02-17T22:02:17.056Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.2.140	50649	10.10.1.109	3389
1155	IT-WS-040	2026-02-13T19:05:12.908Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.2.140	52743	87.252.112.84	445
1156	HR-WS-041	2026-02-17T04:37:26.384Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.3.141	52514	10.10.2.101	53
1157	HR-WS-041	2026-02-20T09:11:50.764Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.3.141	58497	10.10.2.104	8080
1158	HR-WS-041	2026-02-12T10:24:02.868Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.3.141	50221	196.63.228.158	443
1159	HR-WS-041	2026-02-17T12:33:10.710Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.3.141	52091	124.183.53.199	445	googleapis.com
1160	HR-WS-041	2026-02-15T22:45:54.976Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.3.141	57498	73.145.165.225	80	cloudflare.com
1161	HR-WS-041	2026-02-12T13:12:13.933Z	3	C:\Windows\System32\svchost.exe	ACME\idavis	tcp	10.10.3.141	51021	10.10.2.113	445
1162	HR-WS-041	2026-02-13T17:04:38.519Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.3.141	53388	102.193.246.252	445
1163	HR-WS-041	2026-02-17T18:15:57.224Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.3.141	51473	10.10.1.169	80
1164	HR-WS-041	2026-02-18T15:25:11.423Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.141	60801	10.10.3.171	53
1165	HR-WS-041	2026-02-16T16:34:19.742Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	tcp	10.10.3.141	59680	10.10.1.163	3389
1166	HR-WS-041	2026-02-11T05:36:16.718Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.141	55947	32.41.216.171	53	aws.amazon.com
1167	HR-WS-041	2026-02-17T05:25:36.191Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.3.141	63768	10.10.1.11	445
1168	HR-WS-041	2026-02-15T13:47:53.630Z	3	C:\Windows\System32\services.exe	ACME\idavis	tcp	10.10.3.141	62267	202.5.26.253	8080
1169	HR-WS-041	2026-02-17T07:36:12.144Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.3.141	64918	10.10.2.155	80
1170	HR-WS-041	2026-02-11T02:09:49.294Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.3.141	65034	79.48.1.62	8080
1171	HR-WS-041	2026-02-16T17:06:34.092Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.141	55078	10.10.2.161	8080
1172	HR-WS-041	2026-02-10T14:08:22.998Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.141	50597	97.7.148.236	443
1173	HR-WS-041	2026-02-10T20:51:37.095Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.3.141	63928	10.10.1.145	80
1174	HR-WS-041	2026-02-16T02:00:49.387Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.3.141	52798	10.10.1.121	389
1175	HR-WS-041	2026-02-13T16:30:56.395Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.3.141	61605	183.160.245.60	80
1176	HR-WS-041	2026-02-11T06:32:22.060Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	udp	10.10.3.141	56009	10.10.3.135	53
1177	HR-WS-041	2026-02-16T12:11:52.055Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.3.141	52664	10.10.1.142	3389
1178	HR-WS-041	2026-02-11T20:59:32.947Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.3.141	56957	153.21.12.81	445	acme.local
1179	HR-WS-041	2026-02-18T20:45:31.083Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.141	50492	16.36.224.215	389
1180	HR-WS-041	2026-02-16T20:06:14.949Z	3	C:\Windows\System32\teams.exe	ACME\idavis	udp	10.10.3.141	56678	10.10.1.169	53
1181	HR-WS-041	2026-02-11T06:53:30.847Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.141	56253	10.10.3.150	389
1182	HR-WS-041	2026-02-14T06:44:02.700Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.141	56670	44.84.212.40	8080
1183	HR-WS-041	2026-02-17T20:34:47.152Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.141	53791	158.197.24.85	53
1184	HR-WS-041	2026-02-11T06:46:19.273Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.141	58492	10.10.2.125	80
1185	HR-WS-041	2026-02-16T12:48:42.130Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.141	64450	132.238.39.136	389	pokerstars.com
1186	HR-WS-041	2026-02-14T01:22:58.035Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.141	63154	10.10.3.147	80
1187	HR-WS-041	2026-02-13T14:26:11.948Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.3.141	55203	10.10.2.128	80	acme.sharepoint.com
1188	HR-WS-041	2026-02-17T01:23:29.102Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.141	60030	10.10.2.152	389
1189	HR-WS-041	2026-02-11T16:28:04.107Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.3.141	55969	98.138.90.208	8080
1190	HR-WS-041	2026-02-16T23:37:07.486Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.3.141	55006	210.52.133.63	445
1191	HR-WS-041	2026-02-19T16:34:43.302Z	3	C:\Windows\System32\csrss.exe	ACME\idavis	tcp	10.10.3.141	60763	10.10.3.120	443	time.windows.com
1192	HR-WS-041	2026-02-13T16:07:08.987Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	tcp	10.10.3.141	50248	10.10.2.104	8080	file-01.acme.local
1193	HR-WS-041	2026-02-14T21:03:28.475Z	3	C:\Windows\System32\services.exe	ACME\idavis	tcp	10.10.3.141	64413	10.10.3.138	80
1194	HR-WS-041	2026-02-20T12:35:52.746Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.141	64660	10.10.3.165	443
1195	HR-WS-041	2026-02-15T10:17:02.202Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.3.141	51967	211.43.73.116	389
1196	HR-WS-041	2026-02-14T17:51:28.145Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	udp	10.10.3.141	63911	125.102.122.60	8080
1197	HR-WS-041	2026-02-17T14:28:42.314Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.3.141	53380	92.175.67.181	8080
1198	FIN-WS-042	2026-02-15T21:28:35.183Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	udp	10.10.1.142	60368	126.233.14.9	3389	windowsupdate.com
1199	FIN-WS-042	2026-02-16T04:51:07.755Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.142	57209	152.138.126.57	53
1200	FIN-WS-042	2026-02-18T01:25:27.284Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	udp	10.10.1.142	49940	36.165.203.202	3389
1201	FIN-WS-042	2026-02-20T04:52:21.918Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.1.142	60099	10.10.1.166	445
1202	FIN-WS-042	2026-02-12T02:33:26.116Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	tcp	10.10.1.142	54449	10.10.3.132	53	acme.local
1203	FIN-WS-042	2026-02-13T15:01:49.417Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	udp	10.10.1.142	57853	101.163.97.24	443
1204	FIN-WS-042	2026-02-17T17:57:24.535Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	tcp	10.10.1.142	50600	10.10.1.136	53
1205	FIN-WS-042	2026-02-12T06:40:57.637Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	tcp	10.10.1.142	52014	10.10.1.175	8080
1206	FIN-WS-042	2026-02-15T15:30:06.790Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	tcp	10.10.1.142	56426	219.83.45.28	8080
1207	FIN-WS-042	2026-02-19T00:32:41.086Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.1.142	56777	10.10.3.144	443
1208	FIN-WS-042	2026-02-14T18:44:38.480Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	udp	10.10.1.142	56915	10.10.3.141	3389
1209	FIN-WS-042	2026-02-15T04:57:22.942Z	3	C:\Windows\System32\SearchHost.exe	ACME\agarcia	udp	10.10.1.142	62843	10.10.1.118	3389
1210	FIN-WS-042	2026-02-10T14:43:17.443Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.142	50317	10.10.3.138	53	update.microsoft.com
1211	FIN-WS-042	2026-02-15T15:45:48.352Z	3	C:\Windows\System32\OneDrive.exe	ACME\agarcia	tcp	10.10.1.142	62140	10.10.3.102	3389
1212	FIN-WS-042	2026-02-13T05:55:04.065Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.1.142	61282	85.33.234.198	3389
1213	FIN-WS-042	2026-02-20T08:24:08.811Z	3	C:\Windows\System32\outlook.exe	ACME\agarcia	udp	10.10.1.142	55366	97.232.130.112	443
1214	FIN-WS-042	2026-02-20T00:20:00.648Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	tcp	10.10.1.142	55219	142.98.228.214	3389
1215	FIN-WS-042	2026-02-10T10:20:24.588Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	tcp	10.10.1.142	49546	10.10.3.171	53
1216	FIN-WS-042	2026-02-15T12:59:54.447Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.1.142	51488	74.140.201.209	445
1217	FIN-WS-042	2026-02-12T01:50:33.084Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	tcp	10.10.1.142	57855	10.10.1.160	8080
1218	FIN-WS-042	2026-02-19T19:25:59.649Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.142	54081	10.10.1.163	53
1219	FIN-WS-042	2026-02-13T23:20:16.262Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.1.142	61096	10.10.1.121	53
1220	FIN-WS-042	2026-02-10T08:46:23.143Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	udp	10.10.1.142	52208	112.128.54.248	80
1221	FIN-WS-042	2026-02-15T14:13:30.209Z	3	C:\Windows\System32\powershell.exe	ACME\agarcia	udp	10.10.1.142	58214	86.56.201.145	8080
1222	FIN-WS-042	2026-02-17T07:52:39.986Z	3	C:\Windows\System32\SearchHost.exe	ACME\agarcia	udp	10.10.1.142	62323	10.10.2.152	3389
1223	FIN-WS-042	2026-02-18T15:44:59.155Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.1.142	51757	10.10.2.119	443
1224	FIN-WS-042	2026-02-17T16:39:18.707Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.1.142	64905	10.10.3.129	8080
1225	FIN-WS-042	2026-02-17T12:05:07.424Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	tcp	10.10.1.142	63430	10.10.1.172	53
1226	FIN-WS-042	2026-02-15T05:49:08.996Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.1.142	58056	10.10.1.106	389
1227	FIN-WS-042	2026-02-13T21:15:06.674Z	3	C:\Windows\System32\taskhostw.exe	ACME\agarcia	tcp	10.10.1.142	54824	132.236.157.70	443
1228	FIN-WS-042	2026-02-20T02:27:01.810Z	3	C:\Windows\System32\services.exe	ACME\agarcia	tcp	10.10.1.142	51602	10.10.1.172	445
1229	FIN-WS-042	2026-02-14T17:30:22.700Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	tcp	10.10.1.142	61314	10.10.3.108	445
1230	FIN-WS-042	2026-02-20T02:19:58.876Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.1.142	49585	10.10.3.165	8080
1231	FIN-WS-042	2026-02-17T23:22:20.500Z	3	C:\Windows\System32\SearchHost.exe	ACME\agarcia	tcp	10.10.1.142	59316	210.254.73.42	443
1232	FIN-WS-042	2026-02-12T01:03:59.609Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	tcp	10.10.1.142	61296	69.230.151.118	53	github.com
1233	FIN-WS-042	2026-02-16T12:03:28.398Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.1.142	53596	214.152.119.190	80
1234	FIN-WS-042	2026-02-19T06:22:51.688Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	udp	10.10.1.142	61282	10.10.1.118	389
1235	SLS-WS-043	2026-02-15T15:11:16.808Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	64141	10.10.2.167	445
1236	SLS-WS-043	2026-02-14T02:06:17.169Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	tcp	10.10.2.143	54496	10.10.2.10	8080
1237	SLS-WS-043	2026-02-15T13:11:12.785Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	62706	10.10.1.145	3389
1238	SLS-WS-043	2026-02-14T03:19:28.280Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	tcp	10.10.2.143	50805	149.41.99.93	445
1239	SLS-WS-043	2026-02-10T13:54:31.199Z	3	C:\Windows\System32\System	ACME\svc_backup	udp	10.10.2.143	58182	10.10.1.118	443
1240	SLS-WS-043	2026-02-17T23:08:40.130Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	57320	124.116.144.158	3389
1241	SLS-WS-043	2026-02-11T00:39:22.547Z	3	C:\Windows\System32\lsass.exe	ACME\svc_backup	udp	10.10.2.143	53708	144.157.186.9	8080
1242	SLS-WS-043	2026-02-14T04:52:09.947Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_backup	tcp	10.10.2.143	50873	186.162.12.71	8080
1243	SLS-WS-043	2026-02-17T02:26:25.161Z	3	C:\Windows\System32\lsass.exe	ACME\svc_backup	tcp	10.10.2.143	57563	34.16.16.40	80
1244	SLS-WS-043	2026-02-10T08:03:44.857Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	tcp	10.10.2.143	59418	10.10.2.10	80
1245	SLS-WS-043	2026-02-13T20:00:23.426Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_backup	udp	10.10.2.143	51938	10.10.2.170	445
1246	SLS-WS-043	2026-02-20T03:46:20.061Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	tcp	10.10.2.143	61398	10.10.3.117	389
1247	SLS-WS-043	2026-02-10T19:22:34.476Z	3	C:\Windows\System32\csrss.exe	ACME\svc_backup	udp	10.10.2.143	52747	10.10.2.101	389
1248	SLS-WS-043	2026-02-20T12:55:05.923Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.2.143	53952	10.10.2.107	53
1249	SLS-WS-043	2026-02-13T05:19:07.863Z	3	C:\Windows\System32\explorer.exe	ACME\svc_backup	udp	10.10.2.143	65298	221.4.108.94	445
1250	SLS-WS-043	2026-02-16T19:13:10.083Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	udp	10.10.2.143	51466	10.10.1.10	80
1251	SLS-WS-043	2026-02-14T07:29:25.260Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	tcp	10.10.2.143	55188	10.10.2.134	445
1252	SLS-WS-043	2026-02-14T07:32:09.815Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_backup	tcp	10.10.2.143	58745	10.10.1.157	53
1253	SLS-WS-043	2026-02-20T02:05:36.607Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	udp	10.10.2.143	56457	130.163.44.101	53
1254	SLS-WS-043	2026-02-18T22:39:58.374Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_backup	udp	10.10.2.143	52835	76.150.168.45	445
1255	SLS-WS-043	2026-02-11T12:34:08.196Z	3	C:\Windows\System32\code.exe	ACME\svc_backup	udp	10.10.2.143	64467	198.102.61.225	443
1256	SLS-WS-043	2026-02-19T23:43:56.589Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	58944	133.16.97.41	53	pypi.org
1257	SLS-WS-043	2026-02-20T07:34:40.702Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	udp	10.10.2.143	54370	24.88.128.58	80
1258	SLS-WS-043	2026-02-20T01:18:28.773Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	udp	10.10.2.143	52316	10.10.3.120	3389
1259	SLS-WS-043	2026-02-11T17:05:04.415Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_backup	udp	10.10.2.143	53948	10.10.2.140	389
1260	SLS-WS-043	2026-02-10T14:25:03.006Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.143	54669	132.3.106.179	3389
1261	SLS-WS-043	2026-02-13T16:33:17.834Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	tcp	10.10.2.143	51682	10.10.2.173	3389	pypi.org
1262	SLS-WS-043	2026-02-19T08:18:33.834Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	56100	185.8.5.43	389	acme.local
1263	SLS-WS-043	2026-02-12T01:15:08.084Z	3	C:\Windows\System32\explorer.exe	ACME\svc_backup	tcp	10.10.2.143	59031	97.159.62.97	389
1264	SLS-WS-043	2026-02-10T08:15:59.976Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_backup	tcp	10.10.2.143	64284	10.10.2.125	445
1265	SLS-WS-043	2026-02-16T09:56:56.168Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	tcp	10.10.2.143	63247	10.10.1.106	3389	npmjs.com
1266	SLS-WS-043	2026-02-18T11:48:27.097Z	3	C:\Windows\System32\cmd.exe	ACME\svc_backup	udp	10.10.2.143	52103	51.75.46.63	3389
1267	SLS-WS-043	2026-02-20T16:45:18.377Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	tcp	10.10.2.143	56705	132.247.73.120	8080	exch-01.acme.local
1268	SLS-WS-043	2026-02-11T12:29:33.026Z	3	C:\Windows\System32\lsass.exe	ACME\svc_backup	udp	10.10.2.143	60597	209.35.97.111	3389
1269	SLS-WS-043	2026-02-19T19:51:00.074Z	3	C:\Windows\System32\notepad.exe	ACME\svc_backup	udp	10.10.2.143	62027	10.10.3.108	443
1270	SLS-WS-043	2026-02-19T17:17:08.206Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	50092	181.221.94.96	3389
1271	SLS-WS-043	2026-02-14T03:59:17.385Z	3	C:\Windows\System32\code.exe	ACME\svc_backup	udp	10.10.2.143	58299	10.10.2.107	80
1272	SLS-WS-043	2026-02-15T08:03:03.506Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	tcp	10.10.2.143	60140	10.10.3.132	53
1273	SLS-WS-043	2026-02-15T11:20:38.357Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.143	54810	57.42.243.163	80
1274	SLS-WS-043	2026-02-15T15:06:20.646Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_backup	tcp	10.10.2.143	61869	10.10.3.120	53	aws.amazon.com
1275	ENG-WS-044	2026-02-14T20:43:39.625Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.3.144	59585	44.106.191.223	443
1276	ENG-WS-044	2026-02-12T09:20:56.650Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	tcp	10.10.3.144	51467	10.10.2.128	53
1277	ENG-WS-044	2026-02-20T02:29:02.857Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	udp	10.10.3.144	51755	48.79.109.232	80
1278	ENG-WS-044	2026-02-18T12:42:37.944Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.3.144	52470	10.10.3.162	80
1279	ENG-WS-044	2026-02-10T20:08:32.979Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	tcp	10.10.3.144	56383	10.10.2.167	389
1280	ENG-WS-044	2026-02-19T15:13:06.407Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	tcp	10.10.3.144	62236	157.51.51.191	80
1281	ENG-WS-044	2026-02-19T07:21:30.283Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.3.144	62323	10.10.2.173	389
1282	ENG-WS-044	2026-02-19T01:26:05.247Z	3	C:\Windows\System32\csrss.exe	ACME\agarcia	udp	10.10.3.144	61527	10.10.3.132	389	googleapis.com
1283	ENG-WS-044	2026-02-14T22:39:57.930Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.3.144	58018	13.80.110.21	53
1284	ENG-WS-044	2026-02-16T10:34:12.164Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.3.144	59976	10.10.1.11	389
1285	ENG-WS-044	2026-02-18T13:30:01.463Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	udp	10.10.3.144	50267	41.30.90.125	53
1286	ENG-WS-044	2026-02-11T10:05:55.628Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.3.144	63223	28.152.142.57	445	exch-01.acme.local
1287	ENG-WS-044	2026-02-12T21:19:49.172Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.144	55624	10.10.2.161	53
1288	ENG-WS-044	2026-02-20T00:02:22.600Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.3.144	60549	175.85.126.110	53
1289	ENG-WS-044	2026-02-13T12:19:46.999Z	3	C:\Windows\System32\services.exe	ACME\agarcia	tcp	10.10.3.144	57963	25.64.91.99	8080
1290	ENG-WS-044	2026-02-18T23:52:03.651Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.3.144	60237	10.10.1.12	53
1291	ENG-WS-044	2026-02-20T10:44:42.554Z	3	C:\Windows\System32\powershell.exe	ACME\agarcia	udp	10.10.3.144	53809	211.123.7.22	53
1292	ENG-WS-044	2026-02-15T00:18:02.566Z	3	C:\Windows\System32\outlook.exe	ACME\agarcia	udp	10.10.3.144	53307	132.40.33.212	443
1293	ENG-WS-044	2026-02-19T23:33:34.585Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.144	56012	10.10.1.136	80	file-01.acme.local
1294	ENG-WS-044	2026-02-19T02:46:19.878Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.144	57179	125.29.169.91	8080
1295	ENG-WS-044	2026-02-17T07:45:11.091Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.3.144	58139	38.226.200.116	8080
1296	ENG-WS-044	2026-02-20T14:33:44.797Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.3.144	59989	72.72.115.33	53	npmjs.com
1297	ENG-WS-044	2026-02-14T09:57:34.905Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.3.144	62616	10.10.3.153	443
1298	LEG-WS-045	2026-02-19T12:10:30.818Z	3	C:\Windows\System32\code.exe	ACME\agarcia	udp	10.10.1.145	58150	41.182.212.212	80
1299	LEG-WS-045	2026-02-11T09:15:40.312Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.145	64498	10.10.2.143	445
1300	LEG-WS-045	2026-02-20T00:27:10.302Z	3	C:\Windows\System32\outlook.exe	ACME\agarcia	udp	10.10.1.145	62844	157.35.207.32	80
1301	LEG-WS-045	2026-02-10T22:04:50.306Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.1.145	54048	102.129.231.161	80
1302	LEG-WS-045	2026-02-19T12:49:00.225Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	udp	10.10.1.145	51785	5.136.196.71	53
1303	LEG-WS-045	2026-02-20T11:15:43.476Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	udp	10.10.1.145	52580	10.10.1.115	3389
1304	LEG-WS-045	2026-02-18T00:00:26.109Z	3	C:\Windows\System32\csrss.exe	ACME\agarcia	tcp	10.10.1.145	64214	65.115.52.203	443
1305	LEG-WS-045	2026-02-13T15:18:56.759Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.145	52579	10.10.3.138	445
1306	LEG-WS-045	2026-02-19T14:16:57.155Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.1.145	61480	10.10.1.133	80
1307	LEG-WS-045	2026-02-20T15:39:10.190Z	3	C:\Windows\System32\services.exe	ACME\agarcia	udp	10.10.1.145	64036	10.10.1.148	389
1308	LEG-WS-045	2026-02-17T14:48:28.807Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	tcp	10.10.1.145	51110	67.77.93.60	389
1309	LEG-WS-045	2026-02-19T05:48:43.433Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	tcp	10.10.1.145	54062	109.64.78.64	80
1310	LEG-WS-045	2026-02-12T14:37:46.734Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.1.145	61866	10.10.1.175	80
1311	LEG-WS-045	2026-02-16T18:56:11.074Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.1.145	59055	10.10.2.146	53
1312	LEG-WS-045	2026-02-16T18:35:39.073Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.145	51566	132.22.50.153	445
1313	LEG-WS-045	2026-02-18T20:32:07.445Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	udp	10.10.1.145	59626	10.10.1.145	80
1314	LEG-WS-045	2026-02-17T07:40:16.621Z	3	C:\Windows\System32\MsMpEng.exe	ACME\agarcia	udp	10.10.1.145	62810	10.10.2.131	389
1315	LEG-WS-045	2026-02-15T13:33:09.232Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.1.145	63471	10.10.1.103	53
1316	LEG-WS-045	2026-02-13T08:07:50.948Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.1.145	61633	36.34.168.222	3389
1317	LEG-WS-045	2026-02-17T11:35:25.051Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	tcp	10.10.1.145	49285	10.10.1.166	3389
1318	LEG-WS-045	2026-02-17T19:46:45.406Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	udp	10.10.1.145	54520	1.143.203.105	443
1319	LEG-WS-045	2026-02-11T11:50:16.469Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	tcp	10.10.1.145	59978	10.10.1.139	443	dc-01.acme.local
1320	LEG-WS-045	2026-02-14T11:35:19.221Z	3	C:\Windows\System32\OneDrive.exe	ACME\agarcia	tcp	10.10.1.145	59566	7.32.40.186	53
1321	MKT-WS-046	2026-02-13T02:17:48.488Z	3	C:\Windows\System32\OneDrive.exe	ACME\agarcia	tcp	10.10.2.146	51975	168.11.82.202	53
1322	MKT-WS-046	2026-02-12T17:59:47.552Z	3	C:\Windows\System32\System	ACME\agarcia	udp	10.10.2.146	49214	27.205.250.231	8080
1323	MKT-WS-046	2026-02-15T06:48:51.184Z	3	C:\Windows\System32\services.exe	ACME\agarcia	tcp	10.10.2.146	56167	211.99.163.105	445	draftkings.com
1324	MKT-WS-046	2026-02-15T05:04:08.008Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.2.146	60545	10.10.1.118	3389
1325	MKT-WS-046	2026-02-17T23:30:41.393Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	tcp	10.10.2.146	60173	10.10.1.10	53
1326	MKT-WS-046	2026-02-16T06:12:02.446Z	3	C:\Windows\System32\csrss.exe	ACME\agarcia	tcp	10.10.2.146	61538	10.10.3.135	443
1327	MKT-WS-046	2026-02-13T17:26:46.628Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	64383	80.150.160.209	53
1328	MKT-WS-046	2026-02-17T16:03:43.224Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	tcp	10.10.2.146	57515	10.10.1.11	80
1329	MKT-WS-046	2026-02-13T23:46:20.086Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	63885	2.237.85.97	80
1330	MKT-WS-046	2026-02-20T10:07:24.535Z	3	C:\Windows\System32\code.exe	ACME\agarcia	udp	10.10.2.146	51484	10.10.2.149	3389
1331	MKT-WS-046	2026-02-18T00:34:44.749Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	55225	10.10.3.135	8080
1332	MKT-WS-046	2026-02-11T07:52:22.109Z	3	C:\Windows\System32\taskhostw.exe	ACME\agarcia	udp	10.10.2.146	62895	10.10.2.164	445
1333	MKT-WS-046	2026-02-18T14:17:39.663Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	udp	10.10.2.146	56988	10.10.2.113	8080	npmjs.com
1334	MKT-WS-046	2026-02-19T04:39:09.507Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	udp	10.10.2.146	61782	12.138.243.137	3389
1335	MKT-WS-046	2026-02-16T02:42:22.264Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.2.146	53500	139.85.152.13	445
1336	MKT-WS-046	2026-02-10T16:25:09.204Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.2.146	51827	10.10.1.106	3389
1337	MKT-WS-046	2026-02-17T14:04:23.347Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	udp	10.10.2.146	65434	10.10.3.120	389
1338	MKT-WS-046	2026-02-18T10:42:54.141Z	3	C:\Windows\System32\code.exe	ACME\agarcia	udp	10.10.2.146	56286	37.5.183.12	445
1339	MKT-WS-046	2026-02-13T01:54:09.452Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	tcp	10.10.2.146	54844	10.10.1.136	443
1340	MKT-WS-046	2026-02-11T17:28:17.452Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.2.146	56320	10.10.1.139	443
1341	MKT-WS-046	2026-02-18T02:00:56.347Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	50304	85.66.184.147	389
1342	MKT-WS-046	2026-02-19T22:52:58.718Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.2.146	51912	69.57.70.111	3389
1343	MKT-WS-046	2026-02-12T13:30:47.456Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	59064	79.247.71.77	53
1344	MKT-WS-046	2026-02-12T21:43:19.503Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	62619	10.10.1.106	445
1345	MKT-WS-046	2026-02-18T14:24:50.532Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	udp	10.10.2.146	53012	221.19.170.80	443
1346	MKT-WS-046	2026-02-17T13:20:10.623Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	53206	10.10.3.147	443	npmjs.com
1347	MKT-WS-046	2026-02-17T20:59:36.552Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	udp	10.10.2.146	50175	40.245.163.41	8080
1348	MKT-WS-046	2026-02-11T15:10:06.806Z	3	C:\Windows\System32\taskhostw.exe	ACME\agarcia	tcp	10.10.2.146	53333	10.10.3.111	443	acme.local
1349	MKT-WS-046	2026-02-11T15:25:24.813Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	49848	114.74.118.97	80
1350	MKT-WS-046	2026-02-12T23:10:27.812Z	3	C:\Windows\System32\services.exe	ACME\agarcia	udp	10.10.2.146	50153	10.10.1.13	443
1351	MKT-WS-046	2026-02-14T10:15:45.621Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.2.146	52843	114.14.188.118	53	windowsupdate.com
1352	MKT-WS-046	2026-02-16T20:08:44.143Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.2.146	62008	100.178.217.207	80
1353	MKT-WS-046	2026-02-12T08:19:29.521Z	3	C:\Windows\System32\System	ACME\agarcia	udp	10.10.2.146	53262	10.10.2.128	80	acme.sharepoint.com
1354	MKT-WS-046	2026-02-13T14:18:13.265Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	tcp	10.10.2.146	50244	10.10.3.111	389
1355	MKT-WS-046	2026-02-16T00:58:12.894Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	tcp	10.10.2.146	58364	176.9.132.129	80
1356	MKT-WS-046	2026-02-12T04:26:08.360Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.2.146	58176	153.71.169.11	53
1357	MKT-WS-046	2026-02-20T05:52:03.991Z	3	C:\Windows\System32\spoolsv.exe	ACME\agarcia	udp	10.10.2.146	49352	10.10.2.140	53
1358	MKT-WS-046	2026-02-16T09:56:40.632Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	55678	10.10.1.154	389
1359	MKT-WS-046	2026-02-18T23:55:57.720Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.2.146	50701	10.10.1.118	445
1360	MKT-WS-046	2026-02-12T18:41:38.619Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.2.146	54607	10.10.1.160	443
1361	MKT-WS-046	2026-02-12T08:58:50.346Z	3	C:\Windows\System32\outlook.exe	ACME\agarcia	udp	10.10.2.146	53153	31.3.70.31	445
1362	MKT-WS-046	2026-02-14T23:54:40.038Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	63542	10.10.1.121	445
1363	MKT-WS-046	2026-02-17T13:58:13.528Z	3	C:\Windows\System32\dwm.exe	ACME\agarcia	tcp	10.10.2.146	53426	10.10.3.114	80
1364	MKT-WS-046	2026-02-10T17:26:00.459Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	tcp	10.10.2.146	63977	10.10.2.167	8080
1365	MKT-WS-046	2026-02-17T06:07:00.181Z	3	C:\Windows\System32\OneDrive.exe	ACME\agarcia	udp	10.10.2.146	56190	10.10.1.13	80
1366	MKT-WS-046	2026-02-16T18:17:49.277Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.2.146	55255	180.106.51.183	443
1367	MKT-WS-046	2026-02-14T00:06:23.775Z	3	C:\Windows\System32\smss.exe	ACME\agarcia	udp	10.10.2.146	63490	77.252.18.211	80
1368	MKT-WS-046	2026-02-14T19:35:34.038Z	3	C:\Windows\System32\SearchHost.exe	ACME\agarcia	tcp	10.10.2.146	51221	10.10.1.169	80
1369	EXEC-WS-047	2026-02-20T12:28:15.912Z	3	C:\Windows\System32\services.exe	ACME\svc_web	udp	10.10.3.147	49502	126.105.134.137	53
1370	EXEC-WS-047	2026-02-14T15:55:52.970Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.3.147	63657	10.10.3.108	443
1371	EXEC-WS-047	2026-02-11T23:57:56.948Z	3	C:\Windows\System32\code.exe	ACME\svc_web	udp	10.10.3.147	60177	10.10.3.135	8080
1372	EXEC-WS-047	2026-02-18T06:03:14.021Z	3	C:\Windows\System32\code.exe	ACME\svc_web	tcp	10.10.3.147	52705	10.10.2.10	443
1373	EXEC-WS-047	2026-02-16T12:55:01.981Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.147	60563	127.236.87.225	80
1374	EXEC-WS-047	2026-02-18T17:59:22.110Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.3.147	53724	10.10.1.139	3389
1375	EXEC-WS-047	2026-02-13T22:33:07.360Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.3.147	62945	160.191.98.155	445
1376	EXEC-WS-047	2026-02-17T03:21:42.371Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.3.147	58337	10.10.1.112	53
1377	EXEC-WS-047	2026-02-14T14:40:17.131Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.3.147	51678	10.10.1.115	3389	www.bet365.com
1378	EXEC-WS-047	2026-02-18T13:11:29.714Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.3.147	57209	89.236.143.48	443
1379	EXEC-WS-047	2026-02-16T17:48:31.281Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.3.147	59731	177.84.108.97	3389
1380	EXEC-WS-047	2026-02-14T07:30:32.032Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	udp	10.10.3.147	55480	10.10.1.145	389
1381	EXEC-WS-047	2026-02-15T04:51:36.477Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.3.147	64999	10.10.1.151	445
1382	EXEC-WS-047	2026-02-11T16:28:56.812Z	3	C:\Windows\System32\services.exe	ACME\svc_web	udp	10.10.3.147	61483	68.49.88.1	443
1383	EXEC-WS-047	2026-02-20T14:28:54.132Z	3	C:\Windows\System32\teams.exe	ACME\svc_web	tcp	10.10.3.147	63420	21.210.243.8	445
1384	EXEC-WS-047	2026-02-16T15:04:36.393Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.3.147	56153	10.10.1.127	8080
1385	EXEC-WS-047	2026-02-12T14:06:18.229Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.3.147	53928	205.81.246.19	445
1386	EXEC-WS-047	2026-02-15T12:27:58.628Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.3.147	64938	140.250.97.201	8080
1387	EXEC-WS-047	2026-02-16T19:45:40.927Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	tcp	10.10.3.147	58987	139.204.24.10	8080
1388	EXEC-WS-047	2026-02-19T08:19:38.277Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.3.147	57538	10.10.3.159	389
1389	EXEC-WS-047	2026-02-19T01:07:39.482Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.3.147	64573	10.10.2.11	3389
1390	EXEC-WS-047	2026-02-14T05:30:17.492Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.3.147	49958	10.10.1.139	8080
1391	EXEC-WS-047	2026-02-18T11:59:56.001Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	udp	10.10.3.147	65146	10.10.2.131	80
1392	EXEC-WS-047	2026-02-11T22:37:27.601Z	3	C:\Windows\System32\code.exe	ACME\svc_web	udp	10.10.3.147	57223	10.10.3.138	8080
1393	EXEC-WS-047	2026-02-20T14:52:49.956Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_web	tcp	10.10.3.147	55361	10.10.2.101	443
1394	EXEC-WS-047	2026-02-19T08:44:41.224Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.3.147	62790	189.70.163.28	389
1395	EXEC-WS-047	2026-02-10T16:39:06.556Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	udp	10.10.3.147	51960	10.10.3.168	443
1396	EXEC-WS-047	2026-02-11T05:38:43.464Z	3	C:\Windows\System32\services.exe	ACME\svc_web	tcp	10.10.3.147	59610	10.10.1.151	443
1397	EXEC-WS-047	2026-02-10T11:42:42.594Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.147	51368	215.196.93.29	443
1398	EXEC-WS-047	2026-02-18T10:27:30.957Z	3	C:\Windows\System32\services.exe	ACME\svc_web	tcp	10.10.3.147	64247	150.40.48.216	389
1399	EXEC-WS-047	2026-02-18T06:15:14.345Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	udp	10.10.3.147	60773	10.10.1.130	3389
1400	EXEC-WS-047	2026-02-13T03:02:20.397Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.3.147	60043	137.91.29.141	8080	acme.sharepoint.com
1401	EXEC-WS-047	2026-02-20T04:50:08.214Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	tcp	10.10.3.147	55952	10.10.1.106	53
1402	EXEC-WS-047	2026-02-11T02:04:34.629Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.3.147	60591	10.10.2.11	8080
1403	EXEC-WS-047	2026-02-17T07:59:36.705Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	tcp	10.10.3.147	51182	165.158.73.229	3389
1404	EXEC-WS-047	2026-02-20T12:30:36.362Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.3.147	62878	5.228.47.214	443
1405	EXEC-WS-047	2026-02-20T08:24:34.534Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.3.147	58581	10.10.2.11	389
1406	EXEC-WS-047	2026-02-12T00:36:52.959Z	3	C:\Windows\System32\teams.exe	ACME\svc_web	tcp	10.10.3.147	54033	10.10.2.164	389
1407	EXEC-WS-047	2026-02-14T16:49:52.109Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.147	58016	198.20.159.147	80
1408	EXEC-WS-047	2026-02-14T19:34:21.231Z	3	C:\Windows\System32\code.exe	ACME\svc_web	tcp	10.10.3.147	61330	10.10.2.128	389
1409	EXEC-WS-047	2026-02-15T18:27:47.781Z	3	C:\Windows\System32\System	ACME\svc_web	udp	10.10.3.147	61518	42.92.138.151	389
1410	EXEC-WS-047	2026-02-17T07:32:24.172Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	tcp	10.10.3.147	57095	10.10.3.141	443	graph.microsoft.com
1411	EXEC-WS-047	2026-02-10T17:34:55.153Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	tcp	10.10.3.147	60056	174.34.35.167	389
1412	EXEC-WS-047	2026-02-18T13:25:35.789Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.3.147	53650	10.10.1.133	53
1413	EXEC-WS-047	2026-02-19T07:38:01.166Z	3	C:\Windows\System32\cmd.exe	ACME\svc_web	udp	10.10.3.147	61498	10.10.2.125	443
1414	EXEC-WS-047	2026-02-11T14:14:47.961Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.3.147	52204	10.10.3.141	8080
1415	EXEC-WS-047	2026-02-11T19:59:22.326Z	3	C:\Windows\System32\services.exe	ACME\svc_web	tcp	10.10.3.147	59173	76.2.151.192	3389
1416	EXEC-WS-047	2026-02-12T09:30:31.945Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.3.147	63715	10.10.3.120	53
1417	IT-WS-048	2026-02-14T22:07:49.521Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	udp	10.10.1.148	64353	10.10.1.160	389
1418	IT-WS-048	2026-02-17T16:34:06.283Z	3	C:\Windows\System32\code.exe	ACME\hbrown	tcp	10.10.1.148	61596	44.36.197.116	53
1419	IT-WS-048	2026-02-13T08:13:59.790Z	3	C:\Windows\System32\MsMpEng.exe	ACME\hbrown	tcp	10.10.1.148	62053	135.102.231.44	8080
1420	IT-WS-048	2026-02-14T21:55:18.488Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	60263	157.32.167.18	80
1421	IT-WS-048	2026-02-12T14:56:40.983Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	udp	10.10.1.148	53637	42.51.248.35	443
1422	IT-WS-048	2026-02-19T18:46:01.255Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	tcp	10.10.1.148	54864	37.100.150.66	443
1423	IT-WS-048	2026-02-18T16:22:16.112Z	3	C:\Windows\System32\powershell.exe	ACME\hbrown	udp	10.10.1.148	54145	8.80.173.55	443
1424	IT-WS-048	2026-02-10T23:03:44.482Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	udp	10.10.1.148	52479	10.10.1.133	443
1425	IT-WS-048	2026-02-12T23:44:23.871Z	3	C:\Windows\System32\csrss.exe	ACME\hbrown	tcp	10.10.1.148	50640	10.10.2.146	53
1426	IT-WS-048	2026-02-13T12:35:11.162Z	3	C:\Windows\System32\teams.exe	ACME\hbrown	tcp	10.10.1.148	50876	10.10.3.174	389
1427	IT-WS-048	2026-02-13T23:21:58.801Z	3	C:\Windows\System32\dwm.exe	ACME\hbrown	tcp	10.10.1.148	55147	180.82.101.51	8080
1428	IT-WS-048	2026-02-20T13:55:40.661Z	3	C:\Windows\System32\powershell.exe	ACME\hbrown	udp	10.10.1.148	54782	39.24.43.130	445
1429	IT-WS-048	2026-02-11T15:43:26.419Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.1.148	51247	10.10.2.167	443
1430	IT-WS-048	2026-02-10T21:35:24.774Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	65145	10.10.3.108	53
1431	IT-WS-048	2026-02-19T13:02:42.607Z	3	C:\Windows\System32\code.exe	ACME\hbrown	tcp	10.10.1.148	61661	10.10.1.121	3389
1432	IT-WS-048	2026-02-16T02:57:44.058Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	udp	10.10.1.148	63925	186.236.120.117	445
1433	IT-WS-048	2026-02-14T17:43:47.964Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	udp	10.10.1.148	50051	1.104.109.49	8080
1434	IT-WS-048	2026-02-18T08:03:04.403Z	3	C:\Windows\System32\spoolsv.exe	ACME\hbrown	tcp	10.10.1.148	52395	10.10.2.113	80
1435	IT-WS-048	2026-02-20T05:21:58.697Z	3	C:\Windows\System32\taskhostw.exe	ACME\hbrown	udp	10.10.1.148	60863	35.53.222.246	443
1436	IT-WS-048	2026-02-11T04:53:59.102Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	58251	10.10.3.135	80
1437	IT-WS-048	2026-02-19T15:24:43.313Z	3	C:\Windows\System32\teams.exe	ACME\hbrown	udp	10.10.1.148	55081	10.10.2.170	53
1438	IT-WS-048	2026-02-20T01:53:04.837Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	udp	10.10.1.148	63987	204.36.105.170	389
1439	IT-WS-048	2026-02-19T09:44:54.323Z	3	C:\Windows\System32\SearchHost.exe	ACME\hbrown	tcp	10.10.1.148	57099	128.240.237.19	443
1440	IT-WS-048	2026-02-14T03:02:41.729Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.1.148	56128	42.5.231.161	80
1441	IT-WS-048	2026-02-20T16:35:37.602Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.1.148	60898	10.10.3.111	389
1442	IT-WS-048	2026-02-18T16:22:25.553Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.1.148	63307	7.47.8.232	445
1443	IT-WS-048	2026-02-15T01:52:40.403Z	3	C:\Windows\System32\System	ACME\hbrown	udp	10.10.1.148	55846	10.10.3.129	80
1444	IT-WS-048	2026-02-17T00:29:02.118Z	3	C:\Program Files\msedge.exe	ACME\hbrown	udp	10.10.1.148	62402	10.10.2.161	389
1445	IT-WS-048	2026-02-19T11:18:00.511Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	56441	10.10.2.161	389
1446	IT-WS-048	2026-02-11T20:44:47.471Z	3	C:\Windows\System32\OneDrive.exe	ACME\hbrown	tcp	10.10.1.148	52722	10.10.3.114	80
1447	IT-WS-048	2026-02-19T07:22:25.233Z	3	C:\Windows\System32\lsass.exe	ACME\hbrown	tcp	10.10.1.148	65184	187.214.95.225	53
1448	IT-WS-048	2026-02-16T15:41:49.576Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	udp	10.10.1.148	54647	10.10.2.149	443
1449	IT-WS-048	2026-02-17T08:11:19.960Z	3	C:\Windows\System32\outlook.exe	ACME\hbrown	tcp	10.10.1.148	51139	10.10.1.10	80
1450	IT-WS-048	2026-02-19T15:59:42.290Z	3	C:\Windows\System32\svchost.exe	ACME\hbrown	udp	10.10.1.148	62371	58.7.51.46	3389
1451	IT-WS-048	2026-02-16T10:36:02.949Z	3	C:\Windows\System32\explorer.exe	ACME\hbrown	tcp	10.10.1.148	65206	10.10.3.174	3389
1452	IT-WS-048	2026-02-19T00:56:59.091Z	3	C:\Windows\System32\code.exe	ACME\hbrown	tcp	10.10.1.148	62594	59.81.37.60	3389
1453	IT-WS-048	2026-02-11T06:51:34.674Z	3	C:\Program Files\chrome.exe	ACME\hbrown	udp	10.10.1.148	55860	10.10.3.108	389
1454	IT-WS-048	2026-02-18T22:54:24.849Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	50549	10.10.1.11	3389
1455	IT-WS-048	2026-02-12T02:26:03.239Z	3	C:\Windows\System32\code.exe	ACME\hbrown	udp	10.10.1.148	52252	222.96.25.53	389
1456	IT-WS-048	2026-02-13T20:48:50.222Z	3	C:\Windows\System32\teams.exe	ACME\hbrown	udp	10.10.1.148	58785	10.10.1.148	445
1457	IT-WS-048	2026-02-12T13:30:58.928Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	tcp	10.10.1.148	62218	204.184.184.108	8080
1458	IT-WS-048	2026-02-13T11:09:45.412Z	3	C:\Windows\System32\taskhostw.exe	ACME\hbrown	udp	10.10.1.148	61293	63.63.174.123	445
1459	IT-WS-048	2026-02-10T21:41:33.196Z	3	C:\Windows\System32\powershell.exe	ACME\hbrown	tcp	10.10.1.148	54809	10.10.3.120	80
1460	IT-WS-048	2026-02-13T03:40:07.984Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	64678	204.46.78.31	389
1461	IT-WS-048	2026-02-12T22:36:58.002Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\hbrown	tcp	10.10.1.148	63939	7.144.102.49	53
1462	IT-WS-048	2026-02-20T01:24:15.265Z	3	C:\Windows\System32\services.exe	ACME\hbrown	tcp	10.10.1.148	62859	214.225.83.124	53
1463	IT-WS-048	2026-02-17T10:24:58.657Z	3	C:\Windows\System32\spoolsv.exe	ACME\hbrown	udp	10.10.1.148	64719	10.10.1.160	445
1464	IT-WS-048	2026-02-14T20:11:18.483Z	3	C:\Windows\System32\notepad.exe	ACME\hbrown	udp	10.10.1.148	63724	34.187.60.12	80	github.com
1465	IT-WS-048	2026-02-13T21:15:22.829Z	3	C:\Program Files\msedge.exe	ACME\hbrown	tcp	10.10.1.148	51736	10.10.1.163	445
1466	HR-WS-049	2026-02-13T23:45:40.525Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.2.149	58514	10.10.2.173	80
1467	HR-WS-049	2026-02-13T19:08:20.249Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	udp	10.10.2.149	62606	10.10.3.138	8080
1468	HR-WS-049	2026-02-18T18:55:15.861Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	udp	10.10.2.149	58087	10.10.2.113	53
1469	HR-WS-049	2026-02-15T16:50:40.387Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.2.149	52211	10.10.1.175	53
1470	HR-WS-049	2026-02-20T10:44:09.826Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.2.149	55190	10.10.1.118	443
1471	HR-WS-049	2026-02-17T23:31:50.514Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	udp	10.10.2.149	58347	84.164.141.166	389
1472	HR-WS-049	2026-02-18T01:49:11.705Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.2.149	55808	10.10.1.172	389
1473	HR-WS-049	2026-02-11T14:11:22.685Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	udp	10.10.2.149	63488	10.10.1.175	3389
1474	HR-WS-049	2026-02-18T05:12:58.128Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.2.149	60180	10.10.2.104	3389
1475	HR-WS-049	2026-02-15T05:04:32.043Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	udp	10.10.2.149	50894	10.10.2.152	389
1476	HR-WS-049	2026-02-15T02:17:37.625Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.2.149	51142	213.222.233.98	3389
1477	HR-WS-049	2026-02-10T20:26:51.914Z	3	C:\Windows\System32\teams.exe	ACME\idavis	tcp	10.10.2.149	58273	59.57.120.155	53	pokerstars.com
1478	HR-WS-049	2026-02-20T14:32:33.066Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.2.149	50191	35.144.152.218	443
1479	HR-WS-049	2026-02-18T19:24:46.742Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.149	50899	34.155.234.42	53
1480	HR-WS-049	2026-02-16T04:22:15.153Z	3	C:\Windows\System32\smss.exe	ACME\idavis	tcp	10.10.2.149	51066	107.10.163.166	80
1481	HR-WS-049	2026-02-20T00:15:56.802Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.2.149	61688	10.10.3.126	53
1482	HR-WS-049	2026-02-20T13:31:39.601Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	udp	10.10.2.149	49273	10.10.2.158	80
1483	HR-WS-049	2026-02-16T13:58:08.795Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.149	50583	10.10.1.136	53	exch-01.acme.local
1484	HR-WS-049	2026-02-18T07:53:22.708Z	3	C:\Windows\System32\dwm.exe	ACME\idavis	tcp	10.10.2.149	55266	73.66.190.130	445
1485	HR-WS-049	2026-02-15T16:35:40.750Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.149	50369	10.10.3.114	8080
1486	HR-WS-049	2026-02-11T06:07:24.457Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.2.149	53686	10.10.3.123	389
1487	HR-WS-049	2026-02-17T01:05:26.295Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.2.149	54844	34.200.210.122	443
1488	HR-WS-049	2026-02-16T00:47:49.425Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.2.149	49968	181.193.76.142	445
1489	HR-WS-049	2026-02-17T23:11:46.960Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.2.149	60689	126.80.27.88	3389	github.com
1490	HR-WS-049	2026-02-18T14:59:17.408Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.2.149	53218	10.10.1.151	80
1491	HR-WS-049	2026-02-14T11:44:07.253Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.2.149	65327	12.198.2.168	80
1492	HR-WS-049	2026-02-11T15:24:33.283Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.149	62062	10.10.2.155	8080
1493	HR-WS-049	2026-02-17T10:33:21.623Z	3	C:\Windows\System32\teams.exe	ACME\idavis	tcp	10.10.2.149	49468	10.10.2.140	3389
1494	HR-WS-049	2026-02-20T01:45:00.412Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.149	54607	10.10.2.158	53	pypi.org
1495	HR-WS-049	2026-02-15T15:11:12.774Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	udp	10.10.2.149	60099	10.10.1.118	80
1496	HR-WS-049	2026-02-11T04:28:25.733Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.2.149	63923	10.10.2.128	443	cloudflare.com
1497	HR-WS-049	2026-02-13T10:48:36.346Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.2.149	51950	75.210.186.34	80
1498	HR-WS-049	2026-02-13T10:52:53.255Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	udp	10.10.2.149	62508	5.205.158.81	389
1499	HR-WS-049	2026-02-19T19:19:48.935Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.2.149	62922	10.10.3.144	389
1500	HR-WS-049	2026-02-15T23:58:54.560Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	tcp	10.10.2.149	59024	134.6.183.233	389
1501	HR-WS-049	2026-02-20T03:35:47.921Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	tcp	10.10.2.149	59419	204.97.72.58	389
1502	HR-WS-049	2026-02-14T06:02:59.049Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.2.149	50873	85.43.49.245	80
1503	HR-WS-049	2026-02-20T06:09:48.234Z	3	C:\Windows\System32\svchost.exe	ACME\idavis	tcp	10.10.2.149	50303	100.242.145.120	8080
1504	HR-WS-049	2026-02-19T09:39:49.129Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.2.149	60561	18.55.222.176	53
1505	FIN-WS-050	2026-02-18T01:01:12.392Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.3.150	50395	153.2.118.149	53
1506	FIN-WS-050	2026-02-11T09:05:48.404Z	3	C:\Windows\System32\teams.exe	ACME\agarcia	udp	10.10.3.150	60581	25.7.168.106	443
1507	FIN-WS-050	2026-02-14T03:02:07.060Z	3	C:\Windows\System32\cmd.exe	ACME\agarcia	udp	10.10.3.150	58070	125.31.225.137	445
1508	FIN-WS-050	2026-02-16T01:34:30.779Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	udp	10.10.3.150	61005	26.67.61.220	3389
1509	FIN-WS-050	2026-02-12T12:51:34.434Z	3	C:\Windows\System32\svchost.exe	ACME\agarcia	udp	10.10.3.150	59083	10.10.3.114	445	acme.sharepoint.com
1510	FIN-WS-050	2026-02-20T05:47:38.371Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.3.150	54218	72.132.61.82	3389
1511	FIN-WS-050	2026-02-20T07:38:28.344Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.150	55092	9.103.217.238	445	graph.microsoft.com
1512	FIN-WS-050	2026-02-11T16:46:59.058Z	3	C:\Windows\System32\winlogon.exe	ACME\agarcia	udp	10.10.3.150	56891	110.23.84.235	8080
1513	FIN-WS-050	2026-02-10T16:14:44.248Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.150	53617	109.235.191.88	8080
1514	FIN-WS-050	2026-02-11T19:30:15.849Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.3.150	64151	109.220.246.230	389
1515	FIN-WS-050	2026-02-18T09:34:36.128Z	3	C:\Program Files\msedge.exe	ACME\agarcia	tcp	10.10.3.150	51934	91.3.98.174	8080
1516	FIN-WS-050	2026-02-19T07:11:19.165Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	tcp	10.10.3.150	61458	115.205.146.11	80
1517	FIN-WS-050	2026-02-13T01:11:20.153Z	3	C:\Windows\System32\code.exe	ACME\agarcia	tcp	10.10.3.150	63884	10.10.1.124	53
1518	FIN-WS-050	2026-02-15T08:39:49.396Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\agarcia	udp	10.10.3.150	53716	10.10.3.129	8080
1519	FIN-WS-050	2026-02-15T19:46:35.728Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.3.150	53455	10.10.2.167	8080	akamai.net
1520	FIN-WS-050	2026-02-12T17:42:16.058Z	3	C:\Windows\System32\taskhostw.exe	ACME\agarcia	tcp	10.10.3.150	56890	8.193.247.36	53
1521	FIN-WS-050	2026-02-18T11:08:02.139Z	3	C:\Windows\System32\code.exe	ACME\agarcia	tcp	10.10.3.150	53670	10.10.3.162	389
1522	FIN-WS-050	2026-02-11T03:48:33.124Z	3	C:\Program Files\msedge.exe	ACME\agarcia	udp	10.10.3.150	52259	141.88.95.63	443
1523	FIN-WS-050	2026-02-14T00:14:08.562Z	3	C:\Windows\System32\lsass.exe	ACME\agarcia	udp	10.10.3.150	58962	162.179.177.221	389
1524	FIN-WS-050	2026-02-11T10:10:09.404Z	3	C:\Windows\System32\notepad.exe	ACME\agarcia	udp	10.10.3.150	64071	10.10.3.156	80
1525	FIN-WS-050	2026-02-17T02:17:33.579Z	3	C:\Windows\System32\powershell.exe	ACME\agarcia	udp	10.10.3.150	54675	169.190.46.169	53
1526	FIN-WS-050	2026-02-19T01:53:09.176Z	3	C:\Windows\System32\taskhostw.exe	ACME\agarcia	tcp	10.10.3.150	56586	63.128.234.116	3389
1527	FIN-WS-050	2026-02-19T18:11:54.360Z	3	C:\Windows\System32\SearchHost.exe	ACME\agarcia	udp	10.10.3.150	65359	10.10.3.141	80
1528	FIN-WS-050	2026-02-17T15:17:14.959Z	3	C:\Program Files\chrome.exe	ACME\agarcia	tcp	10.10.3.150	55992	88.96.190.184	53
1529	FIN-WS-050	2026-02-16T09:44:45.131Z	3	C:\Program Files\chrome.exe	ACME\agarcia	udp	10.10.3.150	50254	98.5.155.220	389
1530	FIN-WS-050	2026-02-17T00:26:18.547Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.3.150	62405	10.10.3.141	443
1531	FIN-WS-050	2026-02-17T21:34:07.287Z	3	C:\Windows\System32\explorer.exe	ACME\agarcia	tcp	10.10.3.150	62615	199.170.254.205	443
1532	SLS-WS-051	2026-02-16T09:42:25.223Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.1.151	51762	10.10.1.112	8080
1533	SLS-WS-051	2026-02-20T16:36:42.168Z	3	C:\Windows\System32\System	ACME\idavis	tcp	10.10.1.151	64829	34.174.29.67	80
1534	SLS-WS-051	2026-02-14T09:18:25.350Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.1.151	62892	10.10.3.111	389
1535	SLS-WS-051	2026-02-11T12:36:03.498Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.1.151	64152	173.222.43.50	53
1536	SLS-WS-051	2026-02-11T17:25:05.186Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	tcp	10.10.1.151	58419	218.121.165.27	8080
1537	SLS-WS-051	2026-02-16T12:29:49.105Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.1.151	50392	30.39.69.101	389	stackoverflow.com
1538	SLS-WS-051	2026-02-19T06:36:26.366Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.151	49362	168.177.72.39	389
1539	SLS-WS-051	2026-02-13T15:22:48.298Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.1.151	52011	10.10.1.154	445
1540	SLS-WS-051	2026-02-17T13:17:25.731Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.151	51216	142.41.136.187	443
1541	SLS-WS-051	2026-02-17T22:03:25.550Z	3	C:\Windows\System32\code.exe	ACME\idavis	udp	10.10.1.151	55712	191.6.89.176	3389
1542	SLS-WS-051	2026-02-14T00:14:01.647Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.1.151	55049	10.10.1.10	80
1543	SLS-WS-051	2026-02-19T16:59:30.357Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.1.151	58567	142.78.83.116	445
1544	SLS-WS-051	2026-02-18T09:29:08.727Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.1.151	59124	10.10.1.115	389
1545	SLS-WS-051	2026-02-13T08:32:24.074Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.1.151	61581	10.10.1.109	80
1546	SLS-WS-051	2026-02-10T10:57:18.178Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.1.151	55933	10.10.1.136	389
1547	SLS-WS-051	2026-02-19T08:45:42.396Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.1.151	54272	10.10.1.109	443	google.com
1548	SLS-WS-051	2026-02-13T04:48:09.113Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.1.151	58589	10.10.2.101	8080
1549	SLS-WS-051	2026-02-17T02:19:56.342Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.1.151	53970	10.10.3.108	3389
1550	SLS-WS-051	2026-02-15T23:12:50.080Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.151	59052	127.97.191.149	445
1551	SLS-WS-051	2026-02-14T06:07:57.048Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.1.151	57570	107.151.127.35	443
1552	SLS-WS-051	2026-02-15T17:17:06.889Z	3	C:\Windows\System32\svchost.exe	ACME\idavis	tcp	10.10.1.151	62299	10.10.3.129	445
1553	SLS-WS-051	2026-02-12T21:31:25.671Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.1.151	63165	38.135.184.251	8080
1554	SLS-WS-051	2026-02-16T20:02:11.341Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.1.151	61445	7.129.27.236	53
1555	SLS-WS-051	2026-02-14T15:18:43.447Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	udp	10.10.1.151	61773	121.102.255.48	80
1556	SLS-WS-051	2026-02-14T03:58:17.702Z	3	C:\Windows\System32\outlook.exe	ACME\idavis	tcp	10.10.1.151	62912	197.137.139.29	80
1557	SLS-WS-051	2026-02-15T07:59:34.169Z	3	C:\Windows\System32\System	ACME\idavis	udp	10.10.1.151	65144	10.10.1.172	443
1558	ENG-WS-052	2026-02-12T03:33:24.376Z	3	C:\Windows\System32\cmd.exe	ACME\svc_web	udp	10.10.2.152	56700	10.10.2.131	53
1559	ENG-WS-052	2026-02-19T15:17:48.082Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.152	54199	10.10.2.107	445
1560	ENG-WS-052	2026-02-18T07:12:00.829Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	tcp	10.10.2.152	65496	153.194.165.92	3389
1561	ENG-WS-052	2026-02-17T17:19:57.984Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.152	59662	10.10.2.155	445
1562	ENG-WS-052	2026-02-18T15:18:30.722Z	3	C:\Windows\System32\code.exe	ACME\svc_web	udp	10.10.2.152	64492	10.10.1.118	3389
1563	ENG-WS-052	2026-02-15T00:05:57.880Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.2.152	56987	217.24.17.204	445
1564	ENG-WS-052	2026-02-13T14:09:18.043Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.2.152	64528	10.10.1.118	389
1565	ENG-WS-052	2026-02-12T05:21:10.487Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.152	53103	96.66.126.68	389
1566	ENG-WS-052	2026-02-15T02:28:09.267Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	udp	10.10.2.152	57570	10.10.2.155	8080
1567	ENG-WS-052	2026-02-12T13:30:30.398Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.2.152	64963	74.83.22.224	8080
1568	ENG-WS-052	2026-02-17T19:59:48.812Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.2.152	64322	10.10.2.113	80
1569	ENG-WS-052	2026-02-19T22:04:55.356Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	tcp	10.10.2.152	53335	102.201.141.115	389
1570	ENG-WS-052	2026-02-17T08:03:24.712Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.2.152	63351	10.10.1.175	389	acme.sharepoint.com
1571	ENG-WS-052	2026-02-16T10:35:19.580Z	3	C:\Windows\System32\svchost.exe	ACME\svc_web	udp	10.10.2.152	52493	163.12.159.89	3389
1572	ENG-WS-052	2026-02-11T09:35:56.862Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	tcp	10.10.2.152	52351	24.198.38.64	80
1573	ENG-WS-052	2026-02-15T16:32:20.367Z	3	C:\Windows\System32\code.exe	ACME\svc_web	udp	10.10.2.152	53086	10.10.2.122	443
1574	ENG-WS-052	2026-02-13T13:07:06.870Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	udp	10.10.2.152	64368	17.1.189.229	389
1575	ENG-WS-052	2026-02-16T12:11:24.174Z	3	C:\Windows\System32\services.exe	ACME\svc_web	tcp	10.10.2.152	63376	10.10.3.150	389
1576	ENG-WS-052	2026-02-12T09:16:08.797Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.2.152	51538	33.173.205.116	3389
1577	ENG-WS-052	2026-02-10T23:07:01.935Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.2.152	63376	25.251.244.22	53
1578	ENG-WS-052	2026-02-15T02:25:50.253Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.152	62352	139.151.231.70	389
1579	ENG-WS-052	2026-02-14T09:34:53.384Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	udp	10.10.2.152	52115	10.10.1.121	3389
1580	ENG-WS-052	2026-02-12T00:51:59.623Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.2.152	56146	196.179.34.223	80
1581	ENG-WS-052	2026-02-19T01:18:37.519Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.152	52246	10.10.2.101	3389
1582	ENG-WS-052	2026-02-12T12:57:10.767Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.2.152	60305	10.10.2.116	80
1583	ENG-WS-052	2026-02-18T02:52:43.604Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.2.152	53059	140.173.38.50	8080
1584	ENG-WS-052	2026-02-13T08:16:46.569Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_web	tcp	10.10.2.152	62568	156.228.73.207	445
1585	ENG-WS-052	2026-02-20T06:06:28.378Z	3	C:\Program Files\chrome.exe	ACME\svc_web	udp	10.10.2.152	61949	102.250.59.33	389
1586	ENG-WS-052	2026-02-18T22:35:07.080Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	tcp	10.10.2.152	59303	158.253.90.202	3389
1587	ENG-WS-052	2026-02-11T15:40:19.291Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	udp	10.10.2.152	62766	10.10.1.160	443
1588	ENG-WS-052	2026-02-20T05:27:25.662Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.152	49451	10.10.3.144	389
1589	ENG-WS-052	2026-02-20T10:05:59.218Z	3	C:\Windows\System32\notepad.exe	ACME\svc_web	tcp	10.10.2.152	64065	10.10.1.130	445
1590	ENG-WS-052	2026-02-13T09:01:20.410Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.152	57852	220.61.238.28	389
1591	ENG-WS-052	2026-02-12T18:11:31.776Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.2.152	55344	10.10.2.128	3389
1592	ENG-WS-052	2026-02-14T22:43:01.971Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	tcp	10.10.2.152	51489	163.85.251.224	443
1593	ENG-WS-052	2026-02-17T01:56:15.010Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	tcp	10.10.2.152	56381	31.30.47.13	80	googleapis.com
1594	ENG-WS-052	2026-02-12T03:13:17.878Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.2.152	62673	10.10.1.133	445
1595	ENG-WS-052	2026-02-14T12:34:41.568Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	udp	10.10.2.152	57316	10.10.1.163	80
1596	ENG-WS-052	2026-02-17T13:18:55.618Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.152	57360	110.215.247.27	8080
1597	ENG-WS-052	2026-02-17T15:23:26.270Z	3	C:\Windows\System32\System	ACME\svc_web	tcp	10.10.2.152	63694	10.10.2.146	443
1598	ENG-WS-052	2026-02-16T04:48:53.403Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_web	udp	10.10.2.152	52321	10.10.2.113	80
1599	ENG-WS-052	2026-02-16T18:47:11.793Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.2.152	60554	200.83.221.130	389	dc-01.acme.local
1600	ENG-WS-052	2026-02-12T19:15:33.826Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_web	udp	10.10.2.152	53993	10.10.1.145	53
1601	ENG-WS-052	2026-02-17T04:19:07.701Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_web	tcp	10.10.2.152	53846	176.187.66.229	8080
1602	ENG-WS-052	2026-02-12T18:42:51.777Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.2.152	55774	10.10.2.107	80
1603	ENG-WS-052	2026-02-16T10:52:32.006Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	tcp	10.10.2.152	57480	172.171.212.199	389
1604	ENG-WS-052	2026-02-10T08:32:22.630Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.2.152	54591	10.10.1.145	445
1605	LEG-WS-053	2026-02-12T13:04:33.127Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.3.153	57892	10.10.3.144	80
1606	LEG-WS-053	2026-02-16T03:45:22.375Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	tcp	10.10.3.153	49700	137.206.144.170	80
1607	LEG-WS-053	2026-02-14T23:13:32.872Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	udp	10.10.3.153	57140	7.24.94.187	445
1608	LEG-WS-053	2026-02-12T06:08:46.603Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.3.153	52561	35.2.171.25	443
1609	LEG-WS-053	2026-02-18T11:18:34.060Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	tcp	10.10.3.153	56246	144.178.183.47	53
1610	LEG-WS-053	2026-02-15T23:36:35.539Z	3	C:\Windows\System32\System	ACME\cjohnson	udp	10.10.3.153	59596	167.127.125.133	3389
1611	LEG-WS-053	2026-02-17T22:21:07.216Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	tcp	10.10.3.153	56703	125.215.244.158	8080
1612	LEG-WS-053	2026-02-10T12:48:52.939Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	udp	10.10.3.153	55785	133.203.0.15	53
1613	LEG-WS-053	2026-02-14T01:46:34.278Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	tcp	10.10.3.153	55753	10.10.3.159	53
1614	LEG-WS-053	2026-02-16T13:42:49.989Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.153	62385	29.52.214.82	8080
1615	LEG-WS-053	2026-02-17T03:55:18.720Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.153	58197	90.68.229.238	80
1616	LEG-WS-053	2026-02-11T17:34:19.904Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	udp	10.10.3.153	58997	10.10.1.154	445
1617	LEG-WS-053	2026-02-15T23:10:50.507Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.153	54578	10.10.1.139	80
1618	LEG-WS-053	2026-02-19T03:55:59.205Z	3	C:\Windows\System32\powershell.exe	ACME\cjohnson	udp	10.10.3.153	52303	176.71.177.140	3389
1619	LEG-WS-053	2026-02-17T01:22:40.788Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.3.153	52602	34.244.0.110	443
1620	LEG-WS-053	2026-02-15T13:40:27.418Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.153	57846	30.70.110.216	3389
1621	LEG-WS-053	2026-02-13T01:55:15.768Z	3	C:\Windows\System32\explorer.exe	ACME\cjohnson	udp	10.10.3.153	57929	10.10.3.144	80
1622	LEG-WS-053	2026-02-12T06:43:26.099Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.3.153	57006	10.10.1.169	8080
1623	LEG-WS-053	2026-02-15T06:53:00.617Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.153	54294	171.39.41.91	53
1624	LEG-WS-053	2026-02-12T14:57:58.604Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	udp	10.10.3.153	62938	190.185.84.134	8080
1625	LEG-WS-053	2026-02-15T08:20:23.936Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	tcp	10.10.3.153	51469	10.10.1.12	445
1626	LEG-WS-053	2026-02-17T18:20:09.264Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	tcp	10.10.3.153	52611	61.195.114.209	3389
1627	LEG-WS-053	2026-02-19T16:06:39.657Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	udp	10.10.3.153	60480	10.10.2.131	445
1628	LEG-WS-053	2026-02-20T01:40:21.842Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	tcp	10.10.3.153	50254	10.10.2.164	443
1629	LEG-WS-053	2026-02-18T01:03:33.139Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.153	56809	33.14.223.104	389
1630	LEG-WS-053	2026-02-13T10:17:35.108Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	udp	10.10.3.153	58022	10.10.3.120	80
1631	LEG-WS-053	2026-02-18T10:08:15.738Z	3	C:\Windows\System32\lsass.exe	ACME\cjohnson	tcp	10.10.3.153	54118	64.14.172.152	443
1632	LEG-WS-053	2026-02-12T12:33:14.308Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	udp	10.10.3.153	62085	121.253.118.111	389	aws.amazon.com
1633	LEG-WS-053	2026-02-16T02:46:39.043Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.3.153	61652	10.10.3.10	445
1634	LEG-WS-053	2026-02-19T13:19:35.345Z	3	C:\Windows\System32\SearchHost.exe	ACME\cjohnson	tcp	10.10.3.153	65002	10.10.3.171	53
1635	LEG-WS-053	2026-02-12T08:47:22.254Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.3.153	51645	108.107.200.186	8080
1636	LEG-WS-053	2026-02-20T02:24:05.337Z	3	C:\Windows\System32\explorer.exe	ACME\cjohnson	udp	10.10.3.153	61267	170.36.239.147	445
1637	MKT-WS-054	2026-02-11T22:29:45.222Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	udp	10.10.1.154	61334	110.92.98.174	445
1638	MKT-WS-054	2026-02-11T13:15:32.707Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.154	62585	10.10.3.120	445
1639	MKT-WS-054	2026-02-19T11:18:17.485Z	3	C:\Windows\System32\explorer.exe	ACME\cjohnson	tcp	10.10.1.154	50482	10.10.3.147	53
1640	MKT-WS-054	2026-02-14T18:28:10.577Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	udp	10.10.1.154	58063	164.207.64.190	389
1641	MKT-WS-054	2026-02-18T12:57:13.076Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	tcp	10.10.1.154	52827	204.183.117.145	389
1642	MKT-WS-054	2026-02-15T17:36:56.190Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.1.154	50194	10.10.2.116	445
1643	MKT-WS-054	2026-02-14T13:55:54.924Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.1.154	54989	113.218.127.65	53
1644	MKT-WS-054	2026-02-15T21:04:11.447Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	tcp	10.10.1.154	49829	10.10.1.12	3389
1645	MKT-WS-054	2026-02-17T10:00:08.624Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	tcp	10.10.1.154	51192	149.42.228.241	3389
1646	MKT-WS-054	2026-02-17T10:07:57.563Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	udp	10.10.1.154	50230	10.10.3.162	53
1647	MKT-WS-054	2026-02-18T09:40:49.451Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.154	53832	13.107.238.24	53
1648	MKT-WS-054	2026-02-13T20:36:37.542Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	tcp	10.10.1.154	57917	110.208.161.182	8080
1649	MKT-WS-054	2026-02-10T21:43:46.742Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	udp	10.10.1.154	57391	92.224.128.75	53
1650	EXEC-WS-055	2026-02-16T06:32:37.292Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.2.155	49580	10.10.1.109	80
1651	EXEC-WS-055	2026-02-11T02:40:13.988Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	tcp	10.10.2.155	65478	10.10.1.145	80
1652	EXEC-WS-055	2026-02-19T02:14:24.237Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.2.155	57590	121.91.255.237	53
1653	EXEC-WS-055	2026-02-13T02:04:46.191Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.2.155	59256	74.222.240.45	389
1654	EXEC-WS-055	2026-02-12T13:59:11.464Z	3	C:\Windows\System32\services.exe	ACME\emartinez	udp	10.10.2.155	51345	66.51.231.94	3389
1655	EXEC-WS-055	2026-02-19T23:20:16.489Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	udp	10.10.2.155	52189	10.10.3.150	445
1656	EXEC-WS-055	2026-02-12T10:33:43.739Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	tcp	10.10.2.155	60083	35.127.145.35	445
1657	EXEC-WS-055	2026-02-15T19:50:41.289Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.2.155	54177	111.194.101.124	3389
1658	EXEC-WS-055	2026-02-16T06:01:47.470Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.2.155	51239	10.10.3.132	53
1659	EXEC-WS-055	2026-02-16T20:52:27.504Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.2.155	56534	10.10.2.155	389
1660	EXEC-WS-055	2026-02-12T05:22:45.506Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.2.155	56592	141.208.97.82	443
1661	EXEC-WS-055	2026-02-12T10:53:06.669Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.2.155	61305	10.10.3.111	443
1662	EXEC-WS-055	2026-02-16T14:49:24.780Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.2.155	52982	132.78.149.14	443
1663	EXEC-WS-055	2026-02-16T21:17:10.902Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.2.155	52017	10.10.3.132	389
1664	EXEC-WS-055	2026-02-19T11:53:40.168Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	udp	10.10.2.155	57382	178.158.84.142	8080
1665	EXEC-WS-055	2026-02-18T01:01:28.133Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.2.155	53734	92.202.247.56	80
1666	EXEC-WS-055	2026-02-11T02:04:40.931Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.2.155	55208	134.238.95.191	445
1667	EXEC-WS-055	2026-02-13T22:02:17.406Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.2.155	61156	10.10.2.149	80
1668	EXEC-WS-055	2026-02-12T23:06:05.109Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.2.155	58335	69.206.36.182	80	pypi.org
1669	EXEC-WS-055	2026-02-15T12:47:04.082Z	3	C:\Windows\System32\code.exe	ACME\emartinez	udp	10.10.2.155	51785	10.10.1.106	53
1670	EXEC-WS-055	2026-02-19T21:39:38.045Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.2.155	56057	10.10.1.160	389	login.microsoftonline.com
1671	EXEC-WS-055	2026-02-11T22:31:00.586Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.2.155	62576	10.10.2.125	445
1672	EXEC-WS-055	2026-02-12T23:17:33.385Z	3	C:\Windows\System32\code.exe	ACME\emartinez	udp	10.10.2.155	53645	10.10.2.134	8080
1673	EXEC-WS-055	2026-02-18T16:46:28.580Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.2.155	65195	49.116.226.203	80
1674	EXEC-WS-055	2026-02-11T10:12:44.186Z	3	C:\Windows\System32\code.exe	ACME\emartinez	tcp	10.10.2.155	60037	10.10.3.108	8080
1675	EXEC-WS-055	2026-02-15T06:07:51.453Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.2.155	57075	112.133.143.120	8080
1676	IT-WS-056	2026-02-15T01:40:13.584Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.156	54620	10.10.1.133	445
1677	IT-WS-056	2026-02-11T16:26:37.456Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.3.156	58354	10.10.3.159	443
1678	IT-WS-056	2026-02-14T22:54:14.324Z	3	C:\Windows\System32\code.exe	ACME\emartinez	tcp	10.10.3.156	62847	26.22.147.204	53
1679	IT-WS-056	2026-02-16T00:40:46.403Z	3	C:\Windows\System32\code.exe	ACME\emartinez	udp	10.10.3.156	61716	132.229.163.144	445
1680	IT-WS-056	2026-02-13T13:44:33.761Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	tcp	10.10.3.156	60543	113.57.166.208	8080
1681	IT-WS-056	2026-02-14T20:52:11.389Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	tcp	10.10.3.156	55051	141.7.186.164	3389
1682	IT-WS-056	2026-02-13T02:56:59.062Z	3	C:\Windows\System32\System	ACME\emartinez	tcp	10.10.3.156	49859	43.47.37.136	3389
1683	IT-WS-056	2026-02-13T19:48:38.319Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.156	50328	10.10.3.168	445
1684	IT-WS-056	2026-02-11T08:25:07.908Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	udp	10.10.3.156	53494	10.10.2.164	443
1685	IT-WS-056	2026-02-14T12:39:12.245Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	udp	10.10.3.156	57083	214.43.157.158	8080
1686	IT-WS-056	2026-02-12T11:48:03.886Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.3.156	65287	94.56.223.2	389
1687	IT-WS-056	2026-02-12T01:38:52.746Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.3.156	53456	10.10.1.133	53
1688	IT-WS-056	2026-02-11T23:59:25.967Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.3.156	60995	10.10.3.10	3389
1689	IT-WS-056	2026-02-12T18:01:33.287Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.3.156	65042	44.251.240.199	443
1690	IT-WS-056	2026-02-10T23:34:11.307Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.156	54049	10.10.1.112	445
1691	IT-WS-056	2026-02-20T07:04:26.530Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	udp	10.10.3.156	59962	139.61.147.206	8080	github.com
1692	IT-WS-056	2026-02-16T11:07:48.052Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	tcp	10.10.3.156	64275	10.10.1.106	80
1693	IT-WS-056	2026-02-17T02:45:08.972Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	tcp	10.10.3.156	56818	10.10.2.122	53
1694	IT-WS-056	2026-02-18T00:30:15.555Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.3.156	58548	43.166.235.143	53
1695	IT-WS-056	2026-02-12T09:44:01.228Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	tcp	10.10.3.156	61126	84.166.79.14	445
1696	IT-WS-056	2026-02-10T18:06:27.767Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.3.156	65260	10.10.3.174	80
1697	IT-WS-056	2026-02-10T22:24:45.134Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.3.156	57456	222.241.254.253	3389
1698	IT-WS-056	2026-02-14T23:14:13.592Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.3.156	60714	37.71.57.173	3389
1699	IT-WS-056	2026-02-15T10:19:41.111Z	3	C:\Windows\System32\taskhostw.exe	ACME\emartinez	udp	10.10.3.156	56948	202.186.88.157	443
1700	IT-WS-056	2026-02-20T02:33:26.366Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	udp	10.10.3.156	52102	10.10.2.101	3389
1701	IT-WS-056	2026-02-14T20:30:15.243Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.3.156	54926	104.14.192.166	80
1702	IT-WS-056	2026-02-13T14:03:35.489Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.3.156	55819	114.36.113.48	80
1703	IT-WS-056	2026-02-15T10:01:13.624Z	3	C:\Windows\System32\teams.exe	ACME\emartinez	tcp	10.10.3.156	53516	10.10.2.143	80	dc-01.acme.local
1704	IT-WS-056	2026-02-19T23:13:00.220Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.3.156	58551	217.157.156.30	53
1705	IT-WS-056	2026-02-15T10:16:33.258Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.156	51353	207.96.193.17	53
1706	IT-WS-056	2026-02-16T11:24:40.871Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.3.156	52390	10.10.1.118	8080
1707	HR-WS-057	2026-02-18T13:48:33.967Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	udp	10.10.1.157	50775	10.10.1.163	53
1708	HR-WS-057	2026-02-20T03:09:27.923Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.1.157	62514	161.236.203.164	389
1709	HR-WS-057	2026-02-10T14:01:28.603Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.1.157	51727	214.57.153.186	443
1710	HR-WS-057	2026-02-15T02:51:24.572Z	3	C:\Windows\System32\powershell.exe	ACME\cjohnson	tcp	10.10.1.157	56066	10.10.2.143	389
1711	HR-WS-057	2026-02-18T00:53:35.000Z	3	C:\Windows\System32\explorer.exe	ACME\cjohnson	tcp	10.10.1.157	60387	10.10.2.146	3389
1712	HR-WS-057	2026-02-13T20:52:26.991Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	tcp	10.10.1.157	63046	10.10.3.147	445	acme.local
1713	HR-WS-057	2026-02-13T09:42:09.419Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.1.157	54370	71.160.171.124	445	outlook.office365.com
1714	HR-WS-057	2026-02-20T14:09:39.258Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	tcp	10.10.1.157	57765	10.10.3.108	80
1715	HR-WS-057	2026-02-19T03:14:04.567Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	udp	10.10.1.157	51006	10.10.3.126	3389	graph.microsoft.com
1716	HR-WS-057	2026-02-19T11:22:30.963Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	tcp	10.10.1.157	55275	10.10.3.105	8080
1717	HR-WS-057	2026-02-18T14:41:21.081Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.1.157	53399	92.196.100.212	53
1718	HR-WS-057	2026-02-16T06:23:22.398Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	udp	10.10.1.157	53456	10.10.3.111	389
1719	HR-WS-057	2026-02-10T10:46:43.493Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.1.157	61433	10.10.2.131	443
1720	HR-WS-057	2026-02-18T21:59:24.699Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	udp	10.10.1.157	60814	10.10.2.173	445
1721	HR-WS-057	2026-02-19T18:50:39.008Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	tcp	10.10.1.157	59686	184.157.111.104	3389	update.microsoft.com
1722	HR-WS-057	2026-02-15T12:58:33.415Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	tcp	10.10.1.157	53274	220.148.203.116	443
1723	HR-WS-057	2026-02-12T12:02:03.270Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	udp	10.10.1.157	65362	10.10.3.111	445
1724	FIN-WS-058	2026-02-10T16:35:23.543Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	udp	10.10.2.158	52356	81.236.158.59	3389
1725	FIN-WS-058	2026-02-16T03:09:41.110Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.158	53917	66.95.126.15	8080
1726	FIN-WS-058	2026-02-14T11:54:33.626Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.2.158	53211	10.10.1.130	445
1727	FIN-WS-058	2026-02-16T22:03:59.397Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.2.158	56425	47.126.206.216	445
1728	FIN-WS-058	2026-02-10T12:17:28.357Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.2.158	57886	156.62.225.142	53
1729	FIN-WS-058	2026-02-19T06:29:24.726Z	3	C:\Windows\System32\OneDrive.exe	ACME\bwilson	tcp	10.10.2.158	54198	10.10.1.112	389
1730	FIN-WS-058	2026-02-13T23:53:32.586Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	tcp	10.10.2.158	51706	20.206.137.64	389	teams.microsoft.com
1731	FIN-WS-058	2026-02-13T16:06:04.813Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	tcp	10.10.2.158	51455	41.63.25.90	443
1732	FIN-WS-058	2026-02-18T18:41:01.944Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.2.158	59905	10.10.2.11	389
1733	FIN-WS-058	2026-02-19T15:43:00.871Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	tcp	10.10.2.158	51361	10.10.2.146	8080
1734	FIN-WS-058	2026-02-13T09:51:24.374Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.2.158	63373	10.10.1.175	443
1735	FIN-WS-058	2026-02-14T10:19:16.483Z	3	C:\Windows\System32\winlogon.exe	ACME\bwilson	tcp	10.10.2.158	52658	17.113.92.152	80
1736	FIN-WS-058	2026-02-11T05:55:02.841Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.2.158	54842	10.10.3.162	53
1737	FIN-WS-058	2026-02-11T15:34:04.900Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.2.158	56297	10.10.3.111	53
1738	FIN-WS-058	2026-02-16T13:53:42.116Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.158	55635	67.56.149.140	80
1739	FIN-WS-058	2026-02-19T20:18:47.768Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	udp	10.10.2.158	53452	44.143.123.72	53
1740	FIN-WS-058	2026-02-14T02:47:51.154Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	udp	10.10.2.158	51383	10.10.1.130	3389
1741	FIN-WS-058	2026-02-12T00:14:54.317Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.2.158	64677	10.10.2.11	8080
1742	FIN-WS-058	2026-02-11T22:49:19.371Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	udp	10.10.2.158	54476	10.10.1.163	53
1743	FIN-WS-058	2026-02-17T18:43:26.795Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.2.158	54776	24.70.153.83	53
1744	FIN-WS-058	2026-02-11T22:57:52.313Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	tcp	10.10.2.158	65525	10.10.1.11	80
1745	FIN-WS-058	2026-02-13T21:10:23.674Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	udp	10.10.2.158	54542	216.234.35.134	443
1746	FIN-WS-058	2026-02-14T01:29:59.322Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.2.158	62956	10.10.2.119	53
1747	FIN-WS-058	2026-02-12T17:18:18.964Z	3	C:\Windows\System32\code.exe	ACME\bwilson	tcp	10.10.2.158	52272	10.10.3.108	3389	update.microsoft.com
1748	FIN-WS-058	2026-02-18T19:00:07.610Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.2.158	50486	131.47.53.5	53
1749	FIN-WS-058	2026-02-12T21:52:26.778Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.2.158	50182	10.10.1.118	53
1750	FIN-WS-058	2026-02-19T00:33:40.884Z	3	C:\Windows\System32\System	ACME\bwilson	udp	10.10.2.158	54927	10.10.1.112	80
1751	FIN-WS-058	2026-02-14T20:45:32.320Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.158	57272	10.10.1.118	389	pypi.org
1752	FIN-WS-058	2026-02-18T22:45:05.998Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	udp	10.10.2.158	49410	43.118.228.84	8080
1753	SLS-WS-059	2026-02-19T21:25:30.616Z	3	C:\Windows\System32\services.exe	ACME\emartinez	udp	10.10.3.159	52592	89.101.254.142	389
1754	SLS-WS-059	2026-02-17T15:41:08.161Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.3.159	57834	10.10.2.152	8080
1755	SLS-WS-059	2026-02-12T01:45:20.358Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.3.159	57644	10.10.2.164	389
1756	SLS-WS-059	2026-02-18T15:50:04.098Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.3.159	55014	10.10.1.115	3389
1757	SLS-WS-059	2026-02-18T06:38:47.188Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.3.159	65130	208.125.7.152	443
1758	SLS-WS-059	2026-02-12T10:14:19.592Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	tcp	10.10.3.159	65108	92.75.96.233	53
1759	SLS-WS-059	2026-02-14T06:54:26.559Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.3.159	53931	10.10.1.163	80
1760	SLS-WS-059	2026-02-20T07:46:23.984Z	3	C:\Windows\System32\System	ACME\emartinez	tcp	10.10.3.159	63551	10.10.2.137	80
1761	SLS-WS-059	2026-02-10T14:30:15.980Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.159	50380	132.32.156.69	3389	pypi.org
1762	SLS-WS-059	2026-02-13T17:16:39.192Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	udp	10.10.3.159	53324	209.156.107.98	53	npmjs.com
1763	SLS-WS-059	2026-02-19T22:29:10.617Z	3	C:\Windows\System32\taskhostw.exe	ACME\emartinez	tcp	10.10.3.159	57458	10.10.3.126	445
1764	SLS-WS-059	2026-02-10T22:28:46.292Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.3.159	55781	10.10.3.162	389
1765	SLS-WS-059	2026-02-19T03:57:19.413Z	3	C:\Windows\System32\OneDrive.exe	ACME\emartinez	tcp	10.10.3.159	55071	62.218.254.199	3389
1766	SLS-WS-059	2026-02-19T08:45:16.532Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.3.159	51210	218.4.201.147	445
1767	SLS-WS-059	2026-02-14T01:16:33.316Z	3	C:\Windows\System32\services.exe	ACME\emartinez	udp	10.10.3.159	62805	27.136.189.94	80
1768	SLS-WS-059	2026-02-11T18:38:45.986Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.3.159	52700	10.10.1.10	443
1769	SLS-WS-059	2026-02-19T00:28:23.577Z	3	C:\Windows\System32\csrss.exe	ACME\emartinez	tcp	10.10.3.159	54014	10.10.1.133	53
1770	SLS-WS-059	2026-02-18T18:14:15.220Z	3	C:\Windows\System32\powershell.exe	ACME\emartinez	tcp	10.10.3.159	55459	10.10.2.155	80
1771	SLS-WS-059	2026-02-15T07:31:52.901Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.3.159	61088	10.10.3.108	8080
1772	SLS-WS-059	2026-02-16T19:38:12.780Z	3	C:\Windows\System32\svchost.exe	ACME\emartinez	udp	10.10.3.159	52139	111.126.165.25	3389
1773	SLS-WS-059	2026-02-10T23:25:59.020Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.3.159	59785	10.10.3.126	3389
1774	SLS-WS-059	2026-02-10T22:24:47.920Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.3.159	62436	10.10.3.168	445
1775	SLS-WS-059	2026-02-13T12:19:25.915Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.3.159	62311	9.149.6.115	8080
1776	SLS-WS-059	2026-02-16T02:02:01.611Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	tcp	10.10.3.159	61865	10.10.3.123	8080
1777	SLS-WS-059	2026-02-18T00:40:09.480Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	tcp	10.10.3.159	58514	203.76.145.15	3389
1778	SLS-WS-059	2026-02-12T16:50:01.294Z	3	C:\Windows\System32\lsass.exe	ACME\emartinez	udp	10.10.3.159	62385	10.10.3.10	445
1779	SLS-WS-059	2026-02-11T06:03:33.032Z	3	C:\Windows\System32\services.exe	ACME\emartinez	tcp	10.10.3.159	59422	116.210.155.73	53
1780	SLS-WS-059	2026-02-17T10:05:17.931Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.3.159	54692	98.9.11.6	443
1781	SLS-WS-059	2026-02-13T14:36:26.294Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	udp	10.10.3.159	59655	161.37.53.188	443
1782	SLS-WS-059	2026-02-14T19:55:55.677Z	3	C:\Windows\System32\OneDrive.exe	ACME\emartinez	tcp	10.10.3.159	55744	199.122.166.2	3389
1783	SLS-WS-059	2026-02-18T09:28:28.456Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.3.159	64532	10.10.2.10	80
1784	SLS-WS-059	2026-02-15T18:10:52.595Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.3.159	55575	10.10.3.171	389	update.microsoft.com
1785	SLS-WS-059	2026-02-19T23:54:37.243Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.3.159	53597	10.10.1.163	53
1786	SLS-WS-059	2026-02-18T07:47:44.487Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	tcp	10.10.3.159	63377	10.10.3.147	445
1787	SLS-WS-059	2026-02-19T21:41:42.827Z	3	C:\Windows\System32\svchost.exe	ACME\emartinez	tcp	10.10.3.159	52929	21.249.136.141	3389
1788	SLS-WS-059	2026-02-17T01:32:07.027Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.3.159	63533	48.247.115.236	3389
1789	SLS-WS-059	2026-02-11T17:11:59.404Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	udp	10.10.3.159	51926	110.245.31.247	3389
1790	SLS-WS-059	2026-02-20T17:10:40.144Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	tcp	10.10.3.159	59064	32.143.253.188	8080
1791	SLS-WS-059	2026-02-20T07:32:47.769Z	3	C:\Windows\System32\System	ACME\emartinez	udp	10.10.3.159	51042	110.99.94.220	3389
1792	SLS-WS-059	2026-02-13T02:43:55.433Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	udp	10.10.3.159	51264	114.170.235.188	443
1793	SLS-WS-059	2026-02-11T19:50:27.171Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.3.159	62735	33.224.231.14	445
1794	SLS-WS-059	2026-02-15T05:00:36.271Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.3.159	53666	10.10.2.113	443
1795	SLS-WS-059	2026-02-11T16:18:09.615Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.3.159	60554	10.10.3.174	443
1796	ENG-WS-060	2026-02-13T00:12:09.273Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.1.160	60784	10.10.1.142	445
1797	ENG-WS-060	2026-02-19T12:05:30.282Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	udp	10.10.1.160	59417	84.132.80.120	80
1798	ENG-WS-060	2026-02-16T00:21:53.794Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_web	udp	10.10.1.160	63251	10.10.1.109	53
1799	ENG-WS-060	2026-02-18T00:31:25.831Z	3	C:\Windows\System32\dwm.exe	ACME\svc_web	tcp	10.10.1.160	51574	10.10.2.152	53
1800	ENG-WS-060	2026-02-12T00:34:09.765Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.1.160	60926	15.162.252.55	443
1801	ENG-WS-060	2026-02-12T22:53:58.575Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	tcp	10.10.1.160	50842	30.63.227.197	389
1802	ENG-WS-060	2026-02-16T02:22:21.455Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	udp	10.10.1.160	53066	187.88.25.250	443
1803	ENG-WS-060	2026-02-12T13:41:48.088Z	3	C:\Windows\System32\services.exe	ACME\svc_web	udp	10.10.1.160	54187	10.10.3.132	53
1804	ENG-WS-060	2026-02-13T00:15:43.685Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.1.160	50345	178.16.70.77	3389
1805	ENG-WS-060	2026-02-18T03:26:27.937Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.1.160	51750	23.50.127.203	443
1806	ENG-WS-060	2026-02-19T16:47:15.692Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	udp	10.10.1.160	55137	120.76.143.247	443
1807	ENG-WS-060	2026-02-10T08:15:58.741Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	tcp	10.10.1.160	51229	82.129.175.29	8080
1808	ENG-WS-060	2026-02-15T14:25:23.193Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.1.160	55026	10.10.1.106	445
1809	ENG-WS-060	2026-02-19T14:37:15.396Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_web	udp	10.10.1.160	64678	64.88.251.81	53
1810	ENG-WS-060	2026-02-12T20:47:18.926Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	tcp	10.10.1.160	63480	10.10.2.158	445
1811	ENG-WS-060	2026-02-13T06:09:46.085Z	3	C:\Windows\System32\teams.exe	ACME\svc_web	tcp	10.10.1.160	63683	147.233.133.162	53
1812	ENG-WS-060	2026-02-14T15:11:14.703Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.1.160	53056	191.217.247.120	8080	pypi.org
1813	ENG-WS-060	2026-02-11T21:21:15.642Z	3	C:\Windows\System32\powershell.exe	ACME\svc_web	udp	10.10.1.160	61248	192.171.32.16	445
1814	ENG-WS-060	2026-02-12T06:14:42.378Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.1.160	57760	161.2.240.224	445
1815	ENG-WS-060	2026-02-17T02:20:45.413Z	3	C:\Windows\System32\cmd.exe	ACME\svc_web	tcp	10.10.1.160	55877	194.184.161.216	8080
1816	ENG-WS-060	2026-02-17T06:28:33.430Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.1.160	59777	10.10.3.135	53
1817	ENG-WS-060	2026-02-20T15:24:25.600Z	3	C:\Windows\System32\csrss.exe	ACME\svc_web	udp	10.10.1.160	63093	15.219.253.203	80
1818	ENG-WS-060	2026-02-12T20:28:42.957Z	3	C:\Windows\System32\smss.exe	ACME\svc_web	tcp	10.10.1.160	54759	10.10.2.167	53
1819	ENG-WS-060	2026-02-10T23:51:03.228Z	3	C:\Program Files\msedge.exe	ACME\svc_web	udp	10.10.1.160	49393	57.18.9.90	53	googleapis.com
1820	ENG-WS-060	2026-02-17T18:26:23.422Z	3	C:\Windows\System32\outlook.exe	ACME\svc_web	tcp	10.10.1.160	62420	10.10.3.156	53	github.com
1821	ENG-WS-060	2026-02-14T13:46:11.701Z	3	C:\Windows\System32\cmd.exe	ACME\svc_web	tcp	10.10.1.160	49297	10.10.3.171	443
1822	ENG-WS-060	2026-02-15T03:16:47.629Z	3	C:\Windows\System32\code.exe	ACME\svc_web	udp	10.10.1.160	63719	219.241.188.136	445
1823	ENG-WS-060	2026-02-11T20:06:11.591Z	3	C:\Windows\System32\System	ACME\svc_web	udp	10.10.1.160	61001	62.56.104.173	53
1824	ENG-WS-060	2026-02-20T06:36:47.733Z	3	C:\Windows\System32\lsass.exe	ACME\svc_web	udp	10.10.1.160	59724	68.111.208.254	53
1825	ENG-WS-060	2026-02-20T04:09:09.133Z	3	C:\Windows\System32\explorer.exe	ACME\svc_web	udp	10.10.1.160	50990	10.10.1.124	8080
1826	ENG-WS-060	2026-02-19T19:07:05.530Z	3	C:\Program Files\chrome.exe	ACME\svc_web	tcp	10.10.1.160	64101	10.10.1.163	8080
1827	ENG-WS-060	2026-02-20T13:34:58.766Z	3	C:\Windows\System32\svchost.exe	ACME\svc_web	udp	10.10.1.160	56865	10.10.3.126	389
1828	ENG-WS-060	2026-02-12T08:22:08.580Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_web	tcp	10.10.1.160	50190	10.10.2.104	389
1829	ENG-WS-060	2026-02-14T09:29:19.652Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_web	udp	10.10.1.160	56524	10.10.2.110	445
1830	ENG-WS-060	2026-02-10T10:47:33.357Z	3	C:\Program Files\msedge.exe	ACME\svc_web	tcp	10.10.1.160	60133	82.25.46.9	389
1831	LEG-WS-061	2026-02-20T09:00:20.807Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.2.161	56970	32.92.153.169	53
1832	LEG-WS-061	2026-02-17T15:08:42.873Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	udp	10.10.2.161	52214	10.10.1.145	53
1833	LEG-WS-061	2026-02-16T18:16:40.531Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	udp	10.10.2.161	52213	10.10.1.175	80
1834	LEG-WS-061	2026-02-15T23:40:51.648Z	3	C:\Windows\System32\lsass.exe	ACME\cjohnson	tcp	10.10.2.161	52531	10.10.3.129	3389
1835	LEG-WS-061	2026-02-18T01:07:34.981Z	3	C:\Windows\System32\System	ACME\cjohnson	tcp	10.10.2.161	53879	60.156.255.200	389
1836	LEG-WS-061	2026-02-15T12:27:35.044Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.2.161	52601	3.143.80.74	389
1837	LEG-WS-061	2026-02-12T10:27:34.811Z	3	C:\Windows\System32\lsass.exe	ACME\cjohnson	tcp	10.10.2.161	50245	10.10.1.127	389	windowsupdate.com
1838	LEG-WS-061	2026-02-11T08:59:05.183Z	3	C:\Windows\System32\services.exe	ACME\cjohnson	udp	10.10.2.161	50881	10.10.2.107	445
1839	LEG-WS-061	2026-02-10T20:20:31.259Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.161	62455	72.238.201.128	53
1840	LEG-WS-061	2026-02-19T14:41:32.004Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.2.161	64409	221.38.160.144	53
1841	LEG-WS-061	2026-02-17T21:35:46.218Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.161	52586	206.149.175.198	389	stackoverflow.com
1842	LEG-WS-061	2026-02-12T23:22:09.065Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.161	63421	10.10.3.129	443
1843	LEG-WS-061	2026-02-20T15:08:34.903Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	udp	10.10.2.161	59859	10.10.3.162	389
1844	LEG-WS-061	2026-02-13T19:10:02.646Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	tcp	10.10.2.161	54646	215.221.104.229	445
1845	LEG-WS-061	2026-02-19T18:39:46.540Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	tcp	10.10.2.161	62496	10.10.1.151	53
1846	LEG-WS-061	2026-02-18T00:32:15.757Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	tcp	10.10.2.161	63995	10.10.2.137	445
1847	LEG-WS-061	2026-02-15T20:49:34.184Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	udp	10.10.2.161	62888	10.10.2.131	80	outlook.office365.com
1848	LEG-WS-061	2026-02-18T07:00:44.881Z	3	C:\Windows\System32\MsMpEng.exe	ACME\cjohnson	tcp	10.10.2.161	64190	81.128.72.244	3389
1849	LEG-WS-061	2026-02-15T16:05:39.749Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	tcp	10.10.2.161	54136	10.10.1.166	8080
1850	LEG-WS-061	2026-02-20T01:18:07.335Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	tcp	10.10.2.161	55582	41.24.206.75	445
1851	LEG-WS-061	2026-02-18T20:40:06.811Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	tcp	10.10.2.161	57540	10.10.1.112	443
1852	LEG-WS-061	2026-02-15T05:26:06.253Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.161	58914	10.10.1.175	53
1853	LEG-WS-061	2026-02-20T04:22:13.036Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	udp	10.10.2.161	50708	162.107.26.127	8080
1854	LEG-WS-061	2026-02-16T08:37:33.400Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	udp	10.10.2.161	56542	179.235.115.146	445
1855	LEG-WS-061	2026-02-18T20:48:16.430Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	tcp	10.10.2.161	61029	10.10.2.137	389
1856	LEG-WS-061	2026-02-19T10:39:36.136Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	udp	10.10.2.161	53726	10.10.3.108	53	npmjs.com
1857	LEG-WS-061	2026-02-15T05:40:58.759Z	3	C:\Windows\System32\lsass.exe	ACME\cjohnson	udp	10.10.2.161	56596	10.10.1.103	389
1858	LEG-WS-061	2026-02-16T17:13:09.864Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.161	59949	10.10.3.111	80
1859	LEG-WS-061	2026-02-16T07:03:44.249Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	tcp	10.10.2.161	59664	10.10.3.168	389
1860	LEG-WS-061	2026-02-10T20:04:42.762Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.2.161	57174	191.229.226.125	80
1861	LEG-WS-061	2026-02-14T15:12:52.979Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	udp	10.10.2.161	54269	70.51.10.3	80
1862	LEG-WS-061	2026-02-14T12:31:00.213Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.161	57643	186.104.90.51	443
1863	LEG-WS-061	2026-02-15T18:50:56.894Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	udp	10.10.2.161	49454	38.140.81.164	445
1864	LEG-WS-061	2026-02-17T21:06:47.809Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	udp	10.10.2.161	52654	10.10.1.139	389
1865	LEG-WS-061	2026-02-12T11:23:50.648Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	tcp	10.10.2.161	55774	10.10.2.167	8080
1866	LEG-WS-061	2026-02-13T03:22:52.873Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.2.161	65085	10.10.2.113	80
1867	LEG-WS-061	2026-02-17T09:17:11.921Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	tcp	10.10.2.161	57948	200.197.249.68	443
1868	LEG-WS-061	2026-02-12T18:55:49.316Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.161	52737	98.126.32.253	80
1869	LEG-WS-061	2026-02-17T01:30:46.038Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.2.161	58882	10.10.1.166	80
1870	LEG-WS-061	2026-02-20T02:26:49.202Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	udp	10.10.2.161	60527	10.10.3.168	8080
1871	MKT-WS-062	2026-02-15T12:39:45.779Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	udp	10.10.3.162	51708	10.10.3.159	445
1872	MKT-WS-062	2026-02-15T02:49:19.426Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.3.162	56852	10.10.3.135	443	pokerstars.com
1873	MKT-WS-062	2026-02-12T22:18:51.674Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.3.162	59815	10.10.2.158	443
1874	MKT-WS-062	2026-02-12T13:07:34.022Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.3.162	56271	215.255.138.233	389
1875	MKT-WS-062	2026-02-19T18:05:16.926Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	udp	10.10.3.162	56753	216.210.43.146	80
1876	MKT-WS-062	2026-02-18T11:11:17.859Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\dlee	udp	10.10.3.162	59143	12.133.225.86	3389
1877	MKT-WS-062	2026-02-11T08:24:02.691Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.3.162	60066	68.63.253.79	389
1878	MKT-WS-062	2026-02-15T08:42:08.166Z	3	C:\Windows\System32\services.exe	ACME\dlee	tcp	10.10.3.162	63690	10.10.3.171	53
1879	MKT-WS-062	2026-02-17T21:50:03.310Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	tcp	10.10.3.162	64296	10.10.1.142	8080
1880	MKT-WS-062	2026-02-19T14:58:20.710Z	3	C:\Windows\System32\teams.exe	ACME\dlee	udp	10.10.3.162	59312	10.10.2.173	443	www.bet365.com
1881	MKT-WS-062	2026-02-11T11:07:58.621Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.3.162	58367	10.10.3.174	445
1882	MKT-WS-062	2026-02-18T02:10:37.576Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	udp	10.10.3.162	54903	10.10.2.167	445
1883	MKT-WS-062	2026-02-12T20:19:32.467Z	3	C:\Windows\System32\services.exe	ACME\dlee	udp	10.10.3.162	50502	164.92.136.23	80
1884	MKT-WS-062	2026-02-13T00:47:49.445Z	3	C:\Windows\System32\services.exe	ACME\dlee	tcp	10.10.3.162	59668	10.10.1.13	3389
1885	MKT-WS-062	2026-02-10T12:31:01.070Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.3.162	62217	10.10.1.10	53
1886	MKT-WS-062	2026-02-16T23:17:52.558Z	3	C:\Windows\System32\OneDrive.exe	ACME\dlee	udp	10.10.3.162	59451	10.10.2.10	80
1887	MKT-WS-062	2026-02-18T20:00:11.568Z	3	C:\Windows\System32\code.exe	ACME\dlee	udp	10.10.3.162	49502	10.10.2.119	53
1888	MKT-WS-062	2026-02-20T05:26:04.762Z	3	C:\Windows\System32\taskhostw.exe	ACME\dlee	tcp	10.10.3.162	60957	10.10.1.13	8080
1889	MKT-WS-062	2026-02-14T09:45:48.040Z	3	C:\Windows\System32\System	ACME\dlee	tcp	10.10.3.162	54960	165.226.91.146	80
1890	MKT-WS-062	2026-02-18T05:08:28.522Z	3	C:\Windows\System32\code.exe	ACME\dlee	tcp	10.10.3.162	54743	10.10.1.148	8080
1891	MKT-WS-062	2026-02-11T00:43:44.806Z	3	C:\Windows\System32\taskhostw.exe	ACME\dlee	udp	10.10.3.162	57535	129.248.254.4	8080
1892	MKT-WS-062	2026-02-17T04:30:11.361Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.3.162	57926	199.159.52.189	53
1893	MKT-WS-062	2026-02-16T09:56:41.304Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	tcp	10.10.3.162	58822	54.15.244.71	3389
1894	MKT-WS-062	2026-02-13T02:22:22.532Z	3	C:\Windows\System32\OneDrive.exe	ACME\dlee	udp	10.10.3.162	65013	10.10.1.166	445
1895	MKT-WS-062	2026-02-18T19:07:52.817Z	3	C:\Windows\System32\smss.exe	ACME\dlee	tcp	10.10.3.162	61955	109.49.36.231	80
1896	MKT-WS-062	2026-02-17T17:03:23.655Z	3	C:\Windows\System32\code.exe	ACME\dlee	tcp	10.10.3.162	58261	133.65.35.112	80
1897	MKT-WS-062	2026-02-16T02:15:45.464Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	tcp	10.10.3.162	59852	10.10.1.166	445	github.com
1898	MKT-WS-062	2026-02-16T14:01:07.820Z	3	C:\Windows\System32\teams.exe	ACME\dlee	tcp	10.10.3.162	55918	10.10.1.124	443
1899	MKT-WS-062	2026-02-17T22:08:19.356Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	udp	10.10.3.162	65488	10.10.2.140	445
1900	MKT-WS-062	2026-02-17T17:20:08.296Z	3	C:\Windows\System32\code.exe	ACME\dlee	tcp	10.10.3.162	58272	10.10.2.101	389
1901	MKT-WS-062	2026-02-17T07:00:29.938Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\dlee	tcp	10.10.3.162	58493	177.193.52.54	389
1902	MKT-WS-062	2026-02-12T13:26:14.913Z	3	C:\Windows\System32\code.exe	ACME\dlee	tcp	10.10.3.162	59366	10.10.3.120	53
1903	MKT-WS-062	2026-02-18T08:25:35.407Z	3	C:\Windows\System32\dwm.exe	ACME\dlee	tcp	10.10.3.162	63843	10.10.1.142	445
1904	MKT-WS-062	2026-02-20T04:29:47.277Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.3.162	50999	10.10.2.137	53
1905	MKT-WS-062	2026-02-12T17:23:40.096Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.3.162	62776	168.125.89.180	389	github.com
1906	MKT-WS-062	2026-02-11T08:30:38.472Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	udp	10.10.3.162	63633	10.10.1.13	445
1907	MKT-WS-062	2026-02-14T14:37:08.162Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	udp	10.10.3.162	51172	10.10.2.125	389
1908	MKT-WS-062	2026-02-10T20:30:10.949Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.3.162	62686	98.251.189.205	8080
1909	MKT-WS-062	2026-02-17T01:21:24.239Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	tcp	10.10.3.162	62447	10.10.2.116	389
1910	EXEC-WS-063	2026-02-19T07:29:29.319Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.163	62156	10.10.3.165	3389
1911	EXEC-WS-063	2026-02-16T01:34:25.542Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.1.163	54769	10.10.1.142	445
1912	EXEC-WS-063	2026-02-14T10:45:20.664Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	tcp	10.10.1.163	65292	28.140.58.185	445
1913	EXEC-WS-063	2026-02-14T01:53:09.646Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.1.163	58192	100.2.49.236	80
1914	EXEC-WS-063	2026-02-10T10:06:04.659Z	3	C:\Windows\System32\csrss.exe	ACME\svc_sql	udp	10.10.1.163	60932	10.10.2.134	389
1915	EXEC-WS-063	2026-02-13T15:29:14.257Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	tcp	10.10.1.163	61582	10.10.2.143	3389
1916	EXEC-WS-063	2026-02-10T11:43:12.543Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	tcp	10.10.1.163	50843	10.10.2.146	8080
1917	EXEC-WS-063	2026-02-13T02:25:30.459Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.1.163	51647	10.10.2.110	8080
1918	EXEC-WS-063	2026-02-18T11:10:16.903Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	udp	10.10.1.163	57728	10.10.2.143	3389
1919	EXEC-WS-063	2026-02-19T04:48:39.079Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	udp	10.10.1.163	51974	10.10.2.164	3389
1920	EXEC-WS-063	2026-02-19T18:16:50.911Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	tcp	10.10.1.163	55895	10.10.3.147	445
1921	EXEC-WS-063	2026-02-14T06:53:33.792Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.1.163	55523	10.10.3.114	389
1922	EXEC-WS-063	2026-02-17T14:06:14.228Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.163	51320	10.10.3.117	53
1923	EXEC-WS-063	2026-02-14T18:26:29.935Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	udp	10.10.1.163	60814	25.130.168.74	53
1924	EXEC-WS-063	2026-02-16T07:43:18.714Z	3	C:\Windows\System32\System	ACME\svc_sql	udp	10.10.1.163	53554	10.10.2.149	80
1925	EXEC-WS-063	2026-02-15T03:26:00.320Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	udp	10.10.1.163	63907	10.10.2.170	389
1926	EXEC-WS-063	2026-02-12T19:38:47.399Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.163	50379	10.10.1.13	443	www.bet365.com
1927	EXEC-WS-063	2026-02-10T08:56:02.737Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	udp	10.10.1.163	60618	10.10.1.133	8080
1928	EXEC-WS-063	2026-02-11T08:08:59.811Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.1.163	54903	10.10.1.172	80
1929	EXEC-WS-063	2026-02-11T00:12:43.694Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_sql	tcp	10.10.1.163	55263	10.10.2.113	445
1930	EXEC-WS-063	2026-02-14T22:58:46.127Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	tcp	10.10.1.163	55649	189.185.228.92	389
1931	EXEC-WS-063	2026-02-13T04:09:29.104Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.1.163	64082	184.24.131.136	80
1932	EXEC-WS-063	2026-02-14T12:35:09.845Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	udp	10.10.1.163	55564	10.10.1.127	80
1933	EXEC-WS-063	2026-02-17T00:30:08.204Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	tcp	10.10.1.163	53758	211.95.186.222	53	stackoverflow.com
1934	EXEC-WS-063	2026-02-17T22:47:23.192Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.1.163	63731	10.10.1.151	389
1935	EXEC-WS-063	2026-02-11T02:02:20.264Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.1.163	57827	103.140.36.210	53
1936	EXEC-WS-063	2026-02-15T15:15:46.158Z	3	C:\Windows\System32\teams.exe	ACME\svc_sql	udp	10.10.1.163	49809	16.249.119.218	3389
1937	EXEC-WS-063	2026-02-20T08:49:14.729Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.163	60910	10.10.2.164	443
1938	EXEC-WS-063	2026-02-19T11:25:29.574Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.1.163	64552	10.10.1.136	389
1939	EXEC-WS-063	2026-02-16T03:46:39.155Z	3	C:\Windows\System32\smss.exe	ACME\svc_sql	udp	10.10.1.163	49634	10.10.3.129	80	pokerstars.com
1940	EXEC-WS-063	2026-02-11T04:45:09.201Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_sql	tcp	10.10.1.163	54887	10.10.2.146	80
1941	EXEC-WS-063	2026-02-13T14:57:03.129Z	3	C:\Windows\System32\System	ACME\svc_sql	tcp	10.10.1.163	61467	10.10.1.142	445
1942	EXEC-WS-063	2026-02-20T16:46:49.091Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	udp	10.10.1.163	56705	67.102.229.221	445
1943	EXEC-WS-063	2026-02-18T02:03:02.064Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	udp	10.10.1.163	54636	217.244.71.223	389
1944	EXEC-WS-063	2026-02-19T10:06:35.229Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	udp	10.10.1.163	64481	10.10.1.172	445
1945	EXEC-WS-063	2026-02-14T06:39:08.624Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	udp	10.10.1.163	58471	217.72.168.190	8080
1946	EXEC-WS-063	2026-02-15T19:58:58.823Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	tcp	10.10.1.163	50295	160.69.180.173	389
1947	EXEC-WS-063	2026-02-11T19:58:15.208Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.1.163	58494	10.10.2.131	445
1948	EXEC-WS-063	2026-02-15T08:45:20.927Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	udp	10.10.1.163	54936	10.10.1.175	445
1949	EXEC-WS-063	2026-02-15T17:39:43.482Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	tcp	10.10.1.163	49471	81.186.7.243	53
1950	EXEC-WS-063	2026-02-18T04:03:52.680Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.1.163	54322	10.10.1.154	80
1951	EXEC-WS-063	2026-02-11T09:36:51.426Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.1.163	58796	144.21.180.233	443
1952	EXEC-WS-063	2026-02-18T12:55:37.130Z	3	C:\Windows\System32\System	ACME\svc_sql	udp	10.10.1.163	60376	10.10.2.122	389
1953	EXEC-WS-063	2026-02-15T02:11:29.634Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	udp	10.10.1.163	64780	10.10.3.138	8080
1954	EXEC-WS-063	2026-02-11T10:47:49.616Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	udp	10.10.1.163	55508	7.88.145.73	443
1955	IT-WS-064	2026-02-20T05:58:43.925Z	3	C:\Windows\System32\cmd.exe	ACME\svc_backup	tcp	10.10.2.164	65278	135.2.114.229	8080
1956	IT-WS-064	2026-02-14T03:31:20.305Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.164	61965	113.159.152.20	3389
1957	IT-WS-064	2026-02-15T03:08:19.218Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	udp	10.10.2.164	60085	10.10.1.166	53
1958	IT-WS-064	2026-02-20T03:32:56.523Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_backup	tcp	10.10.2.164	52143	139.123.87.80	445
1959	IT-WS-064	2026-02-16T11:44:13.468Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.164	54805	94.178.69.96	53
1960	IT-WS-064	2026-02-17T08:35:37.123Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	tcp	10.10.2.164	52712	197.117.228.76	443
1961	IT-WS-064	2026-02-13T01:22:24.877Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.164	63275	10.10.3.126	8080
1962	IT-WS-064	2026-02-13T03:11:24.289Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.164	53381	10.10.2.113	443
1963	IT-WS-064	2026-02-18T22:25:36.968Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	udp	10.10.2.164	58308	10.10.2.170	80
1964	IT-WS-064	2026-02-16T14:08:24.778Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_backup	tcp	10.10.2.164	54533	168.8.194.163	445
1965	IT-WS-064	2026-02-13T00:41:39.698Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	tcp	10.10.2.164	57397	143.172.183.39	443
1966	IT-WS-064	2026-02-13T04:04:40.275Z	3	C:\Windows\System32\smss.exe	ACME\svc_backup	tcp	10.10.2.164	54647	10.10.3.105	53
1967	IT-WS-064	2026-02-16T09:02:47.469Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_backup	udp	10.10.2.164	57883	100.37.32.32	8080
1968	IT-WS-064	2026-02-17T11:51:36.370Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	tcp	10.10.2.164	57471	10.10.1.112	3389
1969	IT-WS-064	2026-02-15T11:41:44.371Z	3	C:\Windows\System32\svchost.exe	ACME\svc_backup	udp	10.10.2.164	52097	60.3.14.32	389	stackoverflow.com
1970	IT-WS-064	2026-02-16T15:39:24.262Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.164	50561	10.10.2.134	443
1971	IT-WS-064	2026-02-14T09:16:48.708Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.164	64589	10.10.3.111	80
1972	IT-WS-064	2026-02-10T15:57:15.194Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.164	50118	164.34.186.233	3389
1973	IT-WS-064	2026-02-19T16:26:12.508Z	3	C:\Windows\System32\powershell.exe	ACME\svc_backup	tcp	10.10.2.164	63452	199.185.182.132	443
1974	IT-WS-064	2026-02-10T17:03:07.479Z	3	C:\Windows\System32\teams.exe	ACME\svc_backup	udp	10.10.2.164	57025	10.10.1.10	3389
1975	IT-WS-064	2026-02-11T08:30:43.999Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	tcp	10.10.2.164	62970	185.11.80.159	80
1976	IT-WS-064	2026-02-13T21:25:05.177Z	3	C:\Windows\System32\services.exe	ACME\svc_backup	tcp	10.10.2.164	61151	10.10.3.150	445
1977	IT-WS-064	2026-02-17T10:28:58.936Z	3	C:\Windows\System32\cmd.exe	ACME\svc_backup	tcp	10.10.2.164	57906	84.172.172.51	443
1978	IT-WS-064	2026-02-19T15:16:59.660Z	3	C:\Windows\System32\dwm.exe	ACME\svc_backup	udp	10.10.2.164	65030	93.203.161.141	8080
1979	IT-WS-064	2026-02-12T17:27:50.801Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_backup	tcp	10.10.2.164	55466	10.10.3.111	8080
1980	IT-WS-064	2026-02-15T09:18:03.766Z	3	C:\Program Files\chrome.exe	ACME\svc_backup	udp	10.10.2.164	63000	222.146.178.156	443
1981	IT-WS-064	2026-02-19T02:42:47.208Z	3	C:\Windows\System32\lsass.exe	ACME\svc_backup	tcp	10.10.2.164	59965	10.10.2.143	389
1982	IT-WS-064	2026-02-11T22:12:08.802Z	3	C:\Program Files\msedge.exe	ACME\svc_backup	udp	10.10.2.164	58169	158.59.231.100	80
1983	IT-WS-064	2026-02-14T12:52:08.844Z	3	C:\Windows\System32\outlook.exe	ACME\svc_backup	udp	10.10.2.164	63170	25.143.189.168	443	google.com
1984	IT-WS-064	2026-02-12T07:41:05.419Z	3	C:\Windows\System32\dwm.exe	ACME\svc_backup	udp	10.10.2.164	52852	126.58.242.153	389
1985	HR-WS-065	2026-02-20T13:49:03.334Z	3	C:\Windows\System32\smss.exe	ACME\svc_sql	tcp	10.10.3.165	58958	10.10.1.103	3389
1986	HR-WS-065	2026-02-13T19:38:19.945Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_sql	udp	10.10.3.165	56276	175.53.79.48	389	googleapis.com
1987	HR-WS-065	2026-02-18T02:58:40.858Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.3.165	52419	93.138.31.198	3389
1988	HR-WS-065	2026-02-17T09:39:00.195Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.3.165	59628	219.23.238.156	389
1989	HR-WS-065	2026-02-18T23:50:56.507Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.3.165	55877	9.149.8.192	8080
1990	HR-WS-065	2026-02-18T08:26:48.353Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	udp	10.10.3.165	62336	9.5.90.138	8080
1991	HR-WS-065	2026-02-18T03:25:09.624Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_sql	tcp	10.10.3.165	53389	10.10.3.168	3389
1992	HR-WS-065	2026-02-10T10:59:58.477Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	udp	10.10.3.165	52155	56.194.172.133	445
1993	HR-WS-065	2026-02-20T11:52:26.031Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\svc_sql	tcp	10.10.3.165	51851	10.10.1.154	445
1994	HR-WS-065	2026-02-20T01:20:50.393Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.3.165	50728	51.103.52.145	8080
1995	HR-WS-065	2026-02-14T22:30:49.110Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.3.165	58979	10.10.3.162	8080
1996	FIN-WS-066	2026-02-19T07:18:28.661Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.1.166	62949	10.10.2.104	389
1997	FIN-WS-066	2026-02-13T16:54:44.908Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.1.166	65256	10.10.1.115	443
1998	FIN-WS-066	2026-02-13T08:56:38.899Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.1.166	49589	214.191.177.205	443
1999	FIN-WS-066	2026-02-10T21:45:59.552Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.1.166	62946	28.125.150.225	443
2000	FIN-WS-066	2026-02-17T10:29:14.843Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.166	56756	10.10.3.171	3389
2001	FIN-WS-066	2026-02-15T03:18:49.898Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.166	60986	28.226.120.196	389
2002	FIN-WS-066	2026-02-15T06:36:47.051Z	3	C:\Windows\System32\taskhostw.exe	ACME\idavis	udp	10.10.1.166	55539	10.10.1.172	443	graph.microsoft.com
2003	FIN-WS-066	2026-02-13T19:35:28.926Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	udp	10.10.1.166	49846	72.229.204.244	8080
2004	FIN-WS-066	2026-02-16T18:27:10.994Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.1.166	60463	182.97.121.148	80
2005	FIN-WS-066	2026-02-10T09:30:42.391Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.1.166	53332	10.10.2.173	389	cloudflare.com
2006	FIN-WS-066	2026-02-20T15:21:31.895Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.1.166	49397	55.193.112.12	445
2007	FIN-WS-066	2026-02-20T01:49:11.145Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	tcp	10.10.1.166	52879	10.10.1.163	389
2008	FIN-WS-066	2026-02-17T14:07:59.704Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.1.166	64423	151.87.61.129	53
2009	FIN-WS-066	2026-02-15T17:46:21.669Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.1.166	64072	89.42.230.142	445
2010	FIN-WS-066	2026-02-12T14:16:39.311Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.1.166	50524	174.205.231.149	3389
2011	FIN-WS-066	2026-02-17T06:04:56.598Z	3	C:\Windows\System32\code.exe	ACME\idavis	udp	10.10.1.166	62015	10.10.1.145	389
2012	FIN-WS-066	2026-02-13T11:49:58.179Z	3	C:\Windows\System32\explorer.exe	ACME\idavis	udp	10.10.1.166	50928	79.93.91.207	443
2013	SLS-WS-067	2026-02-20T12:32:06.001Z	3	C:\Windows\System32\explorer.exe	ACME\svc_sql	tcp	10.10.2.167	64977	10.10.2.119	389
2014	SLS-WS-067	2026-02-18T08:47:36.020Z	3	C:\Windows\System32\dwm.exe	ACME\svc_sql	tcp	10.10.2.167	57485	10.10.3.156	389	stackoverflow.com
2015	SLS-WS-067	2026-02-11T09:06:59.525Z	3	C:\Windows\System32\smss.exe	ACME\svc_sql	tcp	10.10.2.167	52495	10.10.3.174	389
2016	SLS-WS-067	2026-02-13T05:33:08.436Z	3	C:\Windows\System32\cmd.exe	ACME\svc_sql	udp	10.10.2.167	51542	10.10.1.124	445
2017	SLS-WS-067	2026-02-14T03:36:45.349Z	3	C:\Windows\System32\dwm.exe	ACME\svc_sql	udp	10.10.2.167	54014	10.10.2.113	80
2018	SLS-WS-067	2026-02-19T16:03:36.880Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	udp	10.10.2.167	64766	39.26.254.215	445
2019	SLS-WS-067	2026-02-12T12:17:13.854Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	tcp	10.10.2.167	54153	80.19.26.114	53
2020	SLS-WS-067	2026-02-15T16:33:22.614Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.2.167	52520	138.189.228.230	443
2021	SLS-WS-067	2026-02-15T19:54:46.731Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	tcp	10.10.2.167	58673	10.10.1.13	8080
2022	SLS-WS-067	2026-02-17T14:06:02.362Z	3	C:\Windows\System32\csrss.exe	ACME\svc_sql	udp	10.10.2.167	54830	210.174.12.156	80
2023	SLS-WS-067	2026-02-16T14:36:27.463Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	tcp	10.10.2.167	50223	10.10.3.162	8080
2024	SLS-WS-067	2026-02-13T12:26:13.168Z	3	C:\Windows\System32\SearchHost.exe	ACME\svc_sql	udp	10.10.2.167	52011	10.10.1.12	3389
2025	SLS-WS-067	2026-02-17T21:50:50.051Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_sql	udp	10.10.2.167	56456	10.10.3.126	8080
2026	SLS-WS-067	2026-02-19T07:30:11.474Z	3	C:\Windows\System32\services.exe	ACME\svc_sql	tcp	10.10.2.167	52891	20.54.170.143	443
2027	SLS-WS-067	2026-02-13T04:06:49.859Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.2.167	59872	10.10.3.117	443
2028	SLS-WS-067	2026-02-13T12:15:04.297Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.2.167	63968	75.116.138.5	53
2029	SLS-WS-067	2026-02-12T18:05:11.414Z	3	C:\Windows\System32\dwm.exe	ACME\svc_sql	udp	10.10.2.167	54815	10.10.3.159	389
2030	SLS-WS-067	2026-02-11T18:15:16.371Z	3	C:\Windows\System32\teams.exe	ACME\svc_sql	tcp	10.10.2.167	59169	10.10.1.12	53
2031	SLS-WS-067	2026-02-13T03:21:16.057Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.2.167	62509	150.42.130.49	443
2032	SLS-WS-067	2026-02-11T05:48:55.324Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	udp	10.10.2.167	60270	10.10.1.142	8080
2033	SLS-WS-067	2026-02-17T02:25:14.123Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.2.167	62413	10.10.1.142	8080	file-01.acme.local
2034	SLS-WS-067	2026-02-20T11:20:09.964Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	udp	10.10.2.167	51399	10.10.3.138	443	stackoverflow.com
2035	SLS-WS-067	2026-02-16T11:00:08.481Z	3	C:\Windows\System32\services.exe	ACME\svc_sql	udp	10.10.2.167	56050	188.107.188.120	3389
2036	SLS-WS-067	2026-02-13T09:07:40.506Z	3	C:\Windows\System32\teams.exe	ACME\svc_sql	udp	10.10.2.167	56098	219.227.26.134	80
2037	SLS-WS-067	2026-02-13T21:46:33.198Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.2.167	63820	10.10.2.119	443
2038	SLS-WS-067	2026-02-18T01:35:45.017Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.2.167	60732	51.152.37.204	80
2039	SLS-WS-067	2026-02-14T10:06:31.075Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.2.167	53869	10.10.3.135	8080
2040	SLS-WS-067	2026-02-18T19:46:20.623Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.2.167	62148	17.69.144.13	53
2041	SLS-WS-067	2026-02-19T14:48:15.403Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.2.167	57060	10.10.3.132	443
2042	SLS-WS-067	2026-02-15T03:55:38.819Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.2.167	50294	10.10.1.166	80
2043	SLS-WS-067	2026-02-17T12:33:54.064Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.2.167	59807	10.10.3.156	443
2044	SLS-WS-067	2026-02-19T21:57:04.746Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	udp	10.10.2.167	53555	10.10.2.167	443
2045	SLS-WS-067	2026-02-18T23:32:39.225Z	3	C:\Windows\System32\explorer.exe	ACME\svc_sql	tcp	10.10.2.167	57537	71.173.189.26	443
2046	SLS-WS-067	2026-02-14T01:57:33.314Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	udp	10.10.2.167	60887	105.194.37.222	445
2047	SLS-WS-067	2026-02-18T22:31:16.637Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.2.167	51170	10.10.2.122	80
2048	SLS-WS-067	2026-02-20T00:02:41.871Z	3	C:\Windows\System32\System	ACME\svc_sql	tcp	10.10.2.167	50583	10.10.2.122	389
2049	SLS-WS-067	2026-02-16T10:55:12.512Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	tcp	10.10.2.167	65534	10.10.3.162	53
2050	SLS-WS-067	2026-02-10T23:12:03.300Z	3	C:\Windows\System32\powershell.exe	ACME\svc_sql	tcp	10.10.2.167	50385	71.240.122.114	445
2051	SLS-WS-067	2026-02-11T20:38:22.050Z	3	C:\Windows\System32\System	ACME\svc_sql	udp	10.10.2.167	54202	97.53.219.14	3389
2052	SLS-WS-067	2026-02-18T06:02:25.604Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	tcp	10.10.2.167	51753	142.93.239.114	3389
2053	SLS-WS-067	2026-02-11T22:04:25.668Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.2.167	56212	60.86.181.181	80
2054	ENG-WS-068	2026-02-14T14:13:24.333Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.168	53798	50.109.146.111	53	outlook.office365.com
2055	ENG-WS-068	2026-02-16T18:16:31.248Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.168	57735	10.10.2.122	445
2056	ENG-WS-068	2026-02-14T23:25:54.328Z	3	C:\Windows\System32\code.exe	ACME\idavis	tcp	10.10.3.168	49739	197.113.108.103	3389
2057	ENG-WS-068	2026-02-19T05:15:32.480Z	3	C:\Windows\System32\services.exe	ACME\idavis	udp	10.10.3.168	59386	175.177.208.5	80
2058	ENG-WS-068	2026-02-14T23:09:55.223Z	3	C:\Windows\System32\notepad.exe	ACME\idavis	udp	10.10.3.168	62706	128.226.55.5	389
2059	ENG-WS-068	2026-02-11T15:22:30.014Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	udp	10.10.3.168	55480	140.61.61.112	3389
2060	ENG-WS-068	2026-02-19T19:38:30.736Z	3	C:\Windows\System32\smss.exe	ACME\idavis	udp	10.10.3.168	56207	10.10.1.151	80
2061	ENG-WS-068	2026-02-16T22:43:11.725Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.3.168	54981	10.10.2.146	3389
2062	ENG-WS-068	2026-02-16T03:38:11.261Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.168	63868	221.101.38.203	389
2063	ENG-WS-068	2026-02-20T14:45:57.395Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.168	53586	125.145.206.254	53
2064	ENG-WS-068	2026-02-14T06:48:26.151Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	tcp	10.10.3.168	64957	206.126.206.224	445
2065	ENG-WS-068	2026-02-13T14:30:39.476Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.3.168	58004	51.100.1.47	389
2066	ENG-WS-068	2026-02-15T12:17:59.711Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	udp	10.10.3.168	58552	10.10.3.114	8080
2067	ENG-WS-068	2026-02-16T01:34:08.672Z	3	C:\Windows\System32\spoolsv.exe	ACME\idavis	udp	10.10.3.168	59611	110.156.127.203	80
2068	ENG-WS-068	2026-02-17T10:26:34.969Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.3.168	58384	10.10.2.146	3389
2069	ENG-WS-068	2026-02-15T01:44:34.015Z	3	C:\Windows\System32\System	ACME\idavis	tcp	10.10.3.168	52436	10.10.1.139	445
2070	ENG-WS-068	2026-02-14T23:56:10.268Z	3	C:\Program Files\chrome.exe	ACME\idavis	udp	10.10.3.168	64248	10.10.1.118	445
2071	ENG-WS-068	2026-02-13T12:09:15.688Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.168	54260	19.254.199.117	53
2072	ENG-WS-068	2026-02-17T12:48:43.710Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.168	62138	152.190.218.11	53	cdn.jsdelivr.net
2073	ENG-WS-068	2026-02-13T23:39:22.529Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.168	54088	36.12.92.65	445
2074	ENG-WS-068	2026-02-14T02:37:00.852Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.168	61526	100.127.166.188	443
2075	ENG-WS-068	2026-02-11T11:15:28.870Z	3	C:\Windows\System32\MsMpEng.exe	ACME\idavis	tcp	10.10.3.168	64842	102.189.144.134	80
2076	ENG-WS-068	2026-02-14T17:06:07.459Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.168	63367	10.10.3.114	80
2077	ENG-WS-068	2026-02-15T08:09:36.388Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.168	54871	36.135.237.178	389
2078	LEG-WS-069	2026-02-20T13:01:48.832Z	3	C:\Windows\System32\System	ACME\emartinez	udp	10.10.1.169	60737	189.243.54.63	53
2079	LEG-WS-069	2026-02-13T11:43:05.519Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	tcp	10.10.1.169	58956	10.10.1.151	3389
2080	LEG-WS-069	2026-02-15T05:47:48.469Z	3	C:\Windows\System32\taskhostw.exe	ACME\emartinez	tcp	10.10.1.169	50613	10.142.138.139	80
2081	LEG-WS-069	2026-02-13T05:49:44.300Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.1.169	64671	83.247.237.148	53
2082	LEG-WS-069	2026-02-20T11:12:12.035Z	3	C:\Windows\System32\services.exe	ACME\emartinez	udp	10.10.1.169	62886	10.10.2.110	3389
2083	LEG-WS-069	2026-02-12T22:17:38.883Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.1.169	63840	10.10.2.11	80
2084	LEG-WS-069	2026-02-20T13:53:23.352Z	3	C:\Windows\System32\code.exe	ACME\emartinez	tcp	10.10.1.169	50999	10.10.2.143	3389
2085	LEG-WS-069	2026-02-15T10:58:20.843Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	tcp	10.10.1.169	61403	66.112.225.89	53
2086	LEG-WS-069	2026-02-20T12:16:48.073Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.1.169	58678	98.201.178.15	445
2087	LEG-WS-069	2026-02-11T06:16:52.958Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.1.169	56908	10.10.1.157	80
2088	LEG-WS-069	2026-02-11T16:06:08.069Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.1.169	53965	131.79.47.55	3389
2089	LEG-WS-069	2026-02-13T14:10:50.805Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.169	56461	123.172.84.47	80
2090	LEG-WS-069	2026-02-15T10:08:48.189Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.1.169	61009	45.71.110.10	80
2091	LEG-WS-069	2026-02-11T19:00:13.417Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.169	63263	213.30.182.68	445
2092	LEG-WS-069	2026-02-11T12:49:23.128Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	tcp	10.10.1.169	64282	177.29.55.87	445	graph.microsoft.com
2093	LEG-WS-069	2026-02-14T12:52:54.776Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	udp	10.10.1.169	60071	10.10.1.139	443	teams.microsoft.com
2094	LEG-WS-069	2026-02-10T21:43:26.923Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.1.169	50413	14.62.253.218	53
2095	LEG-WS-069	2026-02-12T13:44:50.768Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	udp	10.10.1.169	62911	187.75.240.96	53
2096	LEG-WS-069	2026-02-17T23:02:54.927Z	3	C:\Program Files\msedge.exe	ACME\emartinez	udp	10.10.1.169	60356	40.156.199.8	443
2097	LEG-WS-069	2026-02-15T12:39:25.182Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.1.169	63132	10.10.1.12	389
2098	MKT-WS-070	2026-02-12T20:19:42.642Z	3	C:\Windows\System32\winlogon.exe	ACME\jsmith	tcp	10.10.2.170	51894	10.10.3.102	3389
2099	MKT-WS-070	2026-02-17T13:06:30.380Z	3	C:\Windows\System32\winlogon.exe	ACME\jsmith	udp	10.10.2.170	60462	174.182.30.115	53
2100	MKT-WS-070	2026-02-14T11:32:01.590Z	3	C:\Windows\System32\services.exe	ACME\jsmith	udp	10.10.2.170	60418	10.10.1.142	443
2101	MKT-WS-070	2026-02-16T04:17:45.412Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	udp	10.10.2.170	51171	10.10.3.132	80	windowsupdate.com
2102	MKT-WS-070	2026-02-17T12:51:47.872Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.170	52078	10.10.1.10	53
2103	MKT-WS-070	2026-02-15T03:38:34.528Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.170	49685	10.10.3.117	8080
2104	MKT-WS-070	2026-02-10T08:42:32.129Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\jsmith	udp	10.10.2.170	53312	10.10.3.171	389
2105	MKT-WS-070	2026-02-16T05:25:06.698Z	3	C:\Windows\System32\taskhostw.exe	ACME\jsmith	tcp	10.10.2.170	64930	10.10.2.134	80
2106	MKT-WS-070	2026-02-17T18:26:14.015Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.170	60072	104.63.73.170	443
2107	MKT-WS-070	2026-02-19T00:11:50.061Z	3	C:\Windows\System32\services.exe	ACME\jsmith	udp	10.10.2.170	49737	10.10.2.170	8080
2108	MKT-WS-070	2026-02-10T23:02:01.605Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\jsmith	tcp	10.10.2.170	50769	170.67.163.231	80	time.windows.com
2109	MKT-WS-070	2026-02-14T20:22:50.039Z	3	C:\Windows\System32\System	ACME\jsmith	tcp	10.10.2.170	49448	29.12.231.70	8080
2110	MKT-WS-070	2026-02-17T06:54:57.516Z	3	C:\Windows\System32\explorer.exe	ACME\jsmith	tcp	10.10.2.170	59098	10.10.1.106	8080
2111	MKT-WS-070	2026-02-14T13:24:41.919Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	udp	10.10.2.170	58474	193.231.130.98	80
2112	MKT-WS-070	2026-02-19T08:51:10.426Z	3	C:\Windows\System32\powershell.exe	ACME\jsmith	udp	10.10.2.170	60135	10.10.1.112	3389
2113	MKT-WS-070	2026-02-15T13:03:08.023Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.170	59336	10.10.3.105	80
2114	MKT-WS-070	2026-02-17T17:59:33.124Z	3	C:\Windows\System32\teams.exe	ACME\jsmith	tcp	10.10.2.170	51825	10.10.3.111	53
2115	MKT-WS-070	2026-02-17T04:57:10.500Z	3	C:\Windows\System32\dwm.exe	ACME\jsmith	tcp	10.10.2.170	57296	121.119.42.71	80
2116	MKT-WS-070	2026-02-10T16:37:46.273Z	3	C:\Windows\System32\code.exe	ACME\jsmith	tcp	10.10.2.170	55220	94.86.165.51	3389
2117	MKT-WS-070	2026-02-20T05:01:18.064Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.2.170	52196	210.159.123.153	443
2118	MKT-WS-070	2026-02-20T14:53:41.013Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.170	62033	10.10.3.129	3389
2119	MKT-WS-070	2026-02-15T20:59:58.790Z	3	C:\Windows\System32\spoolsv.exe	ACME\jsmith	tcp	10.10.2.170	62374	180.187.83.196	8080
2120	MKT-WS-070	2026-02-16T09:34:22.134Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.170	50531	208.162.134.39	3389
2121	MKT-WS-070	2026-02-11T13:10:02.668Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.170	52892	178.36.34.124	389
2122	MKT-WS-070	2026-02-20T05:37:45.906Z	3	C:\Windows\System32\csrss.exe	ACME\jsmith	udp	10.10.2.170	64655	3.230.152.192	3389
2123	MKT-WS-070	2026-02-13T06:54:49.001Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.170	49468	37.44.238.173	53
2124	MKT-WS-070	2026-02-14T17:22:56.895Z	3	C:\Windows\System32\OneDrive.exe	ACME\jsmith	tcp	10.10.2.170	60378	10.10.1.136	389
2125	MKT-WS-070	2026-02-20T05:52:36.649Z	3	C:\Windows\System32\outlook.exe	ACME\jsmith	udp	10.10.2.170	53629	181.174.84.240	3389	aws.amazon.com
2126	MKT-WS-070	2026-02-15T21:01:12.565Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	udp	10.10.2.170	56785	10.10.1.13	443
2127	MKT-WS-070	2026-02-15T07:54:44.780Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	tcp	10.10.2.170	54253	24.96.244.222	53
2128	MKT-WS-070	2026-02-15T17:45:05.724Z	3	C:\Windows\System32\cmd.exe	ACME\jsmith	udp	10.10.2.170	59663	10.10.1.124	8080
2129	MKT-WS-070	2026-02-14T05:35:03.547Z	3	C:\Windows\System32\svchost.exe	ACME\jsmith	udp	10.10.2.170	54083	10.10.1.10	53
2130	MKT-WS-070	2026-02-14T16:24:53.295Z	3	C:\Windows\System32\teams.exe	ACME\jsmith	tcp	10.10.2.170	50567	10.10.3.165	8080
2131	MKT-WS-070	2026-02-18T22:49:43.132Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	udp	10.10.2.170	58799	109.131.223.158	53
2132	MKT-WS-070	2026-02-13T20:25:36.961Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.2.170	51310	61.231.4.21	3389	exch-01.acme.local
2133	MKT-WS-070	2026-02-20T02:49:28.229Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.2.170	51872	10.10.2.143	3389
2134	MKT-WS-070	2026-02-16T17:08:44.744Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.2.170	51901	10.10.1.121	389
2135	MKT-WS-070	2026-02-12T07:05:34.911Z	3	C:\Windows\System32\powershell.exe	ACME\jsmith	udp	10.10.2.170	56115	10.10.1.121	80
2136	MKT-WS-070	2026-02-15T19:48:18.459Z	3	C:\Windows\System32\explorer.exe	ACME\jsmith	tcp	10.10.2.170	57300	10.10.1.151	3389
2137	MKT-WS-070	2026-02-15T21:29:59.769Z	3	C:\Windows\System32\outlook.exe	ACME\jsmith	udp	10.10.2.170	51701	10.10.3.174	8080
2138	EXEC-WS-071	2026-02-18T14:09:05.363Z	3	C:\Windows\System32\taskhostw.exe	ACME\jsmith	udp	10.10.3.171	62848	10.10.3.108	80
2139	EXEC-WS-071	2026-02-10T23:45:35.605Z	3	C:\Windows\System32\services.exe	ACME\jsmith	tcp	10.10.3.171	51753	10.10.3.135	8080
2140	EXEC-WS-071	2026-02-18T17:52:28.992Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	udp	10.10.3.171	52333	124.118.5.234	8080
2141	EXEC-WS-071	2026-02-10T10:21:27.082Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	57771	137.42.159.189	443
2142	EXEC-WS-071	2026-02-13T06:52:58.674Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	56356	188.75.205.216	389
2143	EXEC-WS-071	2026-02-20T10:21:34.248Z	3	C:\Windows\System32\outlook.exe	ACME\jsmith	udp	10.10.3.171	57027	66.141.95.147	389
2144	EXEC-WS-071	2026-02-13T14:19:05.524Z	3	C:\Windows\System32\explorer.exe	ACME\jsmith	udp	10.10.3.171	50005	10.10.2.10	3389
2145	EXEC-WS-071	2026-02-16T23:51:41.691Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\jsmith	tcp	10.10.3.171	62588	177.137.110.32	443
2146	EXEC-WS-071	2026-02-11T16:40:54.616Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	tcp	10.10.3.171	59355	10.10.1.121	8080
2147	EXEC-WS-071	2026-02-10T22:56:23.359Z	3	C:\Windows\System32\OneDrive.exe	ACME\jsmith	udp	10.10.3.171	50133	3.2.198.228	53
2148	EXEC-WS-071	2026-02-15T03:48:04.426Z	3	C:\Windows\System32\System	ACME\jsmith	tcp	10.10.3.171	58437	10.10.2.140	445
2149	EXEC-WS-071	2026-02-19T20:40:34.124Z	3	C:\Windows\System32\outlook.exe	ACME\jsmith	udp	10.10.3.171	52110	186.221.246.190	389
2150	EXEC-WS-071	2026-02-10T11:29:09.877Z	3	C:\Windows\System32\csrss.exe	ACME\jsmith	tcp	10.10.3.171	61243	10.10.3.156	389
2151	EXEC-WS-071	2026-02-13T02:06:08.955Z	3	C:\Windows\System32\csrss.exe	ACME\jsmith	tcp	10.10.3.171	60612	10.10.2.158	443
2152	EXEC-WS-071	2026-02-10T09:17:36.339Z	3	C:\Windows\System32\SearchHost.exe	ACME\jsmith	tcp	10.10.3.171	61165	10.10.2.140	80
2153	EXEC-WS-071	2026-02-13T15:09:00.876Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	tcp	10.10.3.171	51260	10.10.1.151	3389
2154	EXEC-WS-071	2026-02-14T04:10:38.207Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	tcp	10.10.3.171	55976	10.10.2.149	8080
2155	EXEC-WS-071	2026-02-12T07:54:30.133Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	56618	10.10.3.147	3389
2156	EXEC-WS-071	2026-02-12T03:05:33.673Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.3.171	57785	125.10.49.150	443
2157	EXEC-WS-071	2026-02-13T04:26:40.674Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	58026	26.90.169.62	3389
2158	EXEC-WS-071	2026-02-20T08:00:58.293Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	61548	118.66.45.217	8080
2159	EXEC-WS-071	2026-02-16T16:37:17.690Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	57014	116.180.210.26	80	acme.sharepoint.com
2160	EXEC-WS-071	2026-02-20T02:43:03.298Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	64756	10.10.2.143	445
2161	EXEC-WS-071	2026-02-18T23:55:55.812Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	60958	10.10.2.122	80
2162	EXEC-WS-071	2026-02-10T23:05:13.249Z	3	C:\Windows\System32\cmd.exe	ACME\jsmith	udp	10.10.3.171	50307	178.81.159.187	80
2163	EXEC-WS-071	2026-02-10T16:47:38.491Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	63122	132.34.123.106	80	windowsupdate.com
2164	EXEC-WS-071	2026-02-14T03:30:38.789Z	3	C:\Program Files\msedge.exe	ACME\jsmith	tcp	10.10.3.171	57797	10.10.2.158	445
2165	EXEC-WS-071	2026-02-10T20:48:11.394Z	3	C:\Program Files\chrome.exe	ACME\jsmith	tcp	10.10.3.171	49349	10.10.2.104	3389
2166	EXEC-WS-071	2026-02-11T12:45:13.528Z	3	C:\Windows\System32\taskhostw.exe	ACME\jsmith	udp	10.10.3.171	59887	10.10.1.106	53
2167	EXEC-WS-071	2026-02-17T01:27:00.673Z	3	C:\Windows\System32\smss.exe	ACME\jsmith	udp	10.10.3.171	63326	94.32.113.251	8080
2168	EXEC-WS-071	2026-02-18T19:41:15.729Z	3	C:\Windows\System32\services.exe	ACME\jsmith	udp	10.10.3.171	62832	139.13.62.123	389
2169	EXEC-WS-071	2026-02-15T10:59:04.873Z	3	C:\Windows\System32\notepad.exe	ACME\jsmith	udp	10.10.3.171	56034	10.10.1.157	53	login.microsoftonline.com
2170	EXEC-WS-071	2026-02-18T01:40:03.881Z	3	C:\Windows\System32\explorer.exe	ACME\jsmith	udp	10.10.3.171	56407	72.176.63.81	8080
2171	EXEC-WS-071	2026-02-13T02:09:50.659Z	3	C:\Windows\System32\lsass.exe	ACME\jsmith	tcp	10.10.3.171	50114	10.10.3.162	443
2172	EXEC-WS-071	2026-02-19T08:19:38.471Z	3	C:\Windows\System32\services.exe	ACME\jsmith	tcp	10.10.3.171	60035	10.10.2.140	80
2173	EXEC-WS-071	2026-02-13T23:30:34.331Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\jsmith	udp	10.10.3.171	63081	10.10.3.126	8080
2174	EXEC-WS-071	2026-02-13T06:58:58.637Z	3	C:\Program Files\msedge.exe	ACME\jsmith	udp	10.10.3.171	50304	88.156.34.58	445
2175	EXEC-WS-071	2026-02-16T17:58:28.063Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	63597	20.145.104.245	3389
2176	EXEC-WS-071	2026-02-13T21:04:02.242Z	3	C:\Program Files\chrome.exe	ACME\jsmith	udp	10.10.3.171	61465	67.226.209.222	445
2177	EXEC-WS-071	2026-02-15T07:58:08.018Z	3	C:\Windows\System32\cmd.exe	ACME\jsmith	tcp	10.10.3.171	55687	10.10.3.132	445
2178	EXEC-WS-071	2026-02-17T05:30:38.767Z	3	C:\Windows\System32\MsMpEng.exe	ACME\jsmith	tcp	10.10.3.171	59414	10.10.3.126	3389	time.windows.com
2179	IT-WS-072	2026-02-14T20:17:17.388Z	3	C:\Windows\System32\csrss.exe	ACME\svc_sql	tcp	10.10.1.172	52742	93.246.119.41	53
2180	IT-WS-072	2026-02-17T11:48:35.301Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.1.172	55780	200.27.67.140	445
2181	IT-WS-072	2026-02-11T16:01:51.503Z	3	C:\Windows\System32\spoolsv.exe	ACME\svc_sql	udp	10.10.1.172	53297	86.199.79.149	389
2182	IT-WS-072	2026-02-15T17:52:26.355Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	udp	10.10.1.172	49984	118.132.169.205	445
2183	IT-WS-072	2026-02-18T07:38:04.208Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.172	49991	216.54.228.195	80
2184	IT-WS-072	2026-02-14T16:56:29.387Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	tcp	10.10.1.172	64563	74.7.97.110	389
2185	IT-WS-072	2026-02-16T09:57:24.823Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	udp	10.10.1.172	60851	10.10.3.168	3389
2186	IT-WS-072	2026-02-11T11:06:03.620Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.1.172	62317	162.81.35.205	443
2187	IT-WS-072	2026-02-12T04:00:11.233Z	3	C:\Windows\System32\teams.exe	ACME\svc_sql	udp	10.10.1.172	49771	10.10.2.143	443
2188	IT-WS-072	2026-02-17T03:16:24.333Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_sql	tcp	10.10.1.172	50714	10.10.3.135	80
2189	IT-WS-072	2026-02-11T10:03:34.897Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.1.172	61840	38.29.0.13	3389
2190	IT-WS-072	2026-02-17T13:54:50.983Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	udp	10.10.1.172	51509	10.10.1.148	53
2191	IT-WS-072	2026-02-13T03:07:54.854Z	3	C:\Windows\System32\explorer.exe	ACME\svc_sql	tcp	10.10.1.172	58733	99.64.57.68	3389
2192	IT-WS-072	2026-02-12T09:18:49.145Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	tcp	10.10.1.172	58768	212.58.60.83	80
2193	HR-WS-073	2026-02-17T20:55:26.338Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.173	55095	10.10.2.149	53
2194	HR-WS-073	2026-02-14T01:19:19.964Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.2.173	64615	10.10.3.135	445
2195	HR-WS-073	2026-02-13T17:58:41.863Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.173	53193	10.10.3.114	445	stackoverflow.com
2196	HR-WS-073	2026-02-18T21:53:57.042Z	3	C:\Windows\System32\outlook.exe	ACME\admin	tcp	10.10.2.173	51792	10.10.3.120	445
2197	HR-WS-073	2026-02-17T06:21:45.314Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.2.173	54752	14.117.153.177	443
2198	HR-WS-073	2026-02-18T11:45:58.725Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.2.173	63457	214.164.40.154	389
2199	HR-WS-073	2026-02-16T08:49:48.759Z	3	C:\Windows\System32\outlook.exe	ACME\admin	udp	10.10.2.173	61323	84.16.188.86	389
2200	HR-WS-073	2026-02-11T12:25:11.943Z	3	C:\Windows\System32\code.exe	ACME\admin	udp	10.10.2.173	53070	142.130.59.149	53
2201	HR-WS-073	2026-02-13T23:15:35.973Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.173	58760	10.10.3.156	445
2202	HR-WS-073	2026-02-20T03:39:58.094Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.2.173	55758	10.10.3.156	80
2203	HR-WS-073	2026-02-14T03:28:24.696Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.2.173	58078	10.10.2.11	3389
2204	HR-WS-073	2026-02-10T18:39:07.790Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	tcp	10.10.2.173	49537	10.10.2.167	445
2205	HR-WS-073	2026-02-14T01:30:40.211Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	tcp	10.10.2.173	54536	101.140.179.169	8080	time.windows.com
2206	HR-WS-073	2026-02-18T02:30:44.077Z	3	C:\Windows\System32\MsMpEng.exe	ACME\admin	udp	10.10.2.173	51192	10.10.1.169	3389
2207	HR-WS-073	2026-02-15T16:11:29.215Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.173	56431	156.28.179.199	53
2208	HR-WS-073	2026-02-10T14:27:13.726Z	3	C:\Windows\System32\svchost.exe	ACME\admin	tcp	10.10.2.173	56558	197.103.77.75	80
2209	HR-WS-073	2026-02-12T18:16:00.445Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.2.173	56197	176.173.140.192	8080
2210	HR-WS-073	2026-02-16T22:06:17.348Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	tcp	10.10.2.173	65230	10.10.1.10	3389
2211	HR-WS-073	2026-02-12T22:38:36.864Z	3	C:\Windows\System32\OneDrive.exe	ACME\admin	tcp	10.10.2.173	51833	10.10.1.163	3389	outlook.office365.com
2212	HR-WS-073	2026-02-18T07:31:06.023Z	3	C:\Windows\System32\System	ACME\admin	tcp	10.10.2.173	60779	10.10.3.111	389
2213	HR-WS-073	2026-02-13T14:46:50.331Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.173	49564	66.202.10.244	389
2214	HR-WS-073	2026-02-20T13:18:23.864Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.2.173	61100	10.10.3.135	3389
2215	HR-WS-073	2026-02-13T09:16:00.320Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.173	49805	10.10.2.158	443
2216	HR-WS-073	2026-02-13T15:12:30.574Z	3	C:\Windows\System32\cmd.exe	ACME\admin	tcp	10.10.2.173	55388	66.64.160.233	53
2217	HR-WS-073	2026-02-16T02:57:49.845Z	3	C:\Windows\System32\teams.exe	ACME\admin	udp	10.10.2.173	60655	223.212.141.2	53
2218	HR-WS-073	2026-02-18T08:31:19.927Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.173	50139	10.10.2.152	445
2219	HR-WS-073	2026-02-17T00:20:21.685Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.2.173	61909	10.10.3.162	443
2220	HR-WS-073	2026-02-13T19:12:20.320Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.2.173	53046	10.10.3.159	80
2221	HR-WS-073	2026-02-12T04:32:40.447Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.173	51455	10.10.2.164	53
2222	HR-WS-073	2026-02-16T23:06:00.755Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\admin	tcp	10.10.2.173	54190	1.225.23.243	3389	update.microsoft.com
2223	HR-WS-073	2026-02-10T18:09:31.018Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.2.173	51860	10.10.3.123	389
2224	HR-WS-073	2026-02-19T04:43:22.141Z	3	C:\Program Files\msedge.exe	ACME\admin	tcp	10.10.2.173	54375	5.118.212.45	389
2225	HR-WS-073	2026-02-19T05:59:52.312Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.2.173	51598	10.10.1.118	3389
2226	FIN-WS-074	2026-02-11T16:02:53.771Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.3.174	52339	151.49.30.164	445
2227	FIN-WS-074	2026-02-17T00:08:26.174Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.3.174	61405	180.133.172.55	53
2228	FIN-WS-074	2026-02-11T14:35:13.397Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.3.174	50916	154.55.36.157	3389
2229	FIN-WS-074	2026-02-17T22:36:10.893Z	3	C:\Windows\System32\outlook.exe	ACME\svc_sql	udp	10.10.3.174	59186	10.10.1.133	8080	dc-02.acme.local
2230	FIN-WS-074	2026-02-19T17:01:58.782Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.3.174	60049	10.10.2.146	8080
2231	FIN-WS-074	2026-02-13T02:19:38.731Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.3.174	62282	10.10.2.149	53
2232	FIN-WS-074	2026-02-11T10:57:46.466Z	3	C:\Windows\System32\svchost.exe	ACME\svc_sql	tcp	10.10.3.174	63411	10.10.3.132	443
2233	FIN-WS-074	2026-02-12T15:00:21.796Z	3	C:\Windows\System32\dwm.exe	ACME\svc_sql	tcp	10.10.3.174	58958	10.10.1.163	389
2234	FIN-WS-074	2026-02-11T16:22:21.661Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.3.174	55964	10.10.1.121	443
2235	FIN-WS-074	2026-02-14T23:24:28.471Z	3	C:\Windows\System32\lsass.exe	ACME\svc_sql	tcp	10.10.3.174	61862	22.124.10.3	8080
2236	FIN-WS-074	2026-02-18T01:13:39.597Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	udp	10.10.3.174	57811	218.163.18.6	53	teams.microsoft.com
2237	FIN-WS-074	2026-02-20T16:27:29.013Z	3	C:\Windows\System32\csrss.exe	ACME\svc_sql	udp	10.10.3.174	62355	11.238.80.185	445
2238	FIN-WS-074	2026-02-13T22:28:00.203Z	3	C:\Windows\System32\services.exe	ACME\svc_sql	udp	10.10.3.174	55429	132.37.236.131	53
2239	FIN-WS-074	2026-02-12T01:30:02.177Z	3	C:\Windows\System32\winlogon.exe	ACME\svc_sql	tcp	10.10.3.174	56211	111.175.31.63	80
2240	FIN-WS-074	2026-02-10T22:57:57.927Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	udp	10.10.3.174	57821	40.238.33.155	8080
2241	FIN-WS-074	2026-02-14T18:36:57.279Z	3	C:\Windows\System32\taskhostw.exe	ACME\svc_sql	tcp	10.10.3.174	55721	204.69.155.163	53
2242	FIN-WS-074	2026-02-16T04:56:21.016Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.3.174	51966	11.197.112.33	80
2243	FIN-WS-074	2026-02-16T19:11:17.897Z	3	C:\Windows\System32\teams.exe	ACME\svc_sql	udp	10.10.3.174	51476	10.10.3.138	3389
2244	FIN-WS-074	2026-02-15T16:39:00.709Z	3	C:\Windows\System32\OneDrive.exe	ACME\svc_sql	tcp	10.10.3.174	52362	2.58.83.6	80
2245	FIN-WS-074	2026-02-18T09:18:08.955Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	udp	10.10.3.174	57383	10.10.2.116	80
2246	FIN-WS-074	2026-02-18T17:40:41.205Z	3	C:\Windows\System32\MsMpEng.exe	ACME\svc_sql	tcp	10.10.3.174	64694	10.10.2.128	3389
2247	FIN-WS-074	2026-02-17T00:13:58.057Z	3	C:\Program Files\chrome.exe	ACME\svc_sql	tcp	10.10.3.174	52280	10.10.1.115	80
2248	FIN-WS-074	2026-02-15T14:05:30.132Z	3	C:\Windows\System32\notepad.exe	ACME\svc_sql	udp	10.10.3.174	57655	10.10.2.161	8080
2249	FIN-WS-074	2026-02-13T03:37:53.286Z	3	C:\Windows\System32\explorer.exe	ACME\svc_sql	tcp	10.10.3.174	52173	128.199.60.138	445
2250	FIN-WS-074	2026-02-12T14:00:59.066Z	3	C:\Windows\System32\code.exe	ACME\svc_sql	tcp	10.10.3.174	56680	71.30.62.111	389
2251	FIN-WS-074	2026-02-13T01:29:28.825Z	3	C:\Program Files\msedge.exe	ACME\svc_sql	tcp	10.10.3.174	61330	10.10.2.164	389
2252	SLS-WS-075	2026-02-18T07:05:01.995Z	3	C:\Windows\System32\cmd.exe	ACME\admin	udp	10.10.1.175	61414	10.10.1.118	389
2253	SLS-WS-075	2026-02-16T23:42:18.342Z	3	C:\Program Files\msedge.exe	ACME\admin	udp	10.10.1.175	63320	10.10.1.172	3389
2254	SLS-WS-075	2026-02-12T09:54:04.021Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.175	50795	5.27.58.197	389
2255	SLS-WS-075	2026-02-18T22:28:11.611Z	3	C:\Windows\System32\csrss.exe	ACME\admin	tcp	10.10.1.175	60232	10.10.1.115	445
2256	SLS-WS-075	2026-02-13T17:50:27.112Z	3	C:\Windows\System32\lsass.exe	ACME\admin	tcp	10.10.1.175	56511	10.10.3.129	445
2257	SLS-WS-075	2026-02-18T03:25:30.728Z	3	C:\Windows\System32\services.exe	ACME\admin	tcp	10.10.1.175	63239	10.10.3.150	445
2258	SLS-WS-075	2026-02-11T04:21:51.949Z	3	C:\Windows\System32\notepad.exe	ACME\admin	tcp	10.10.1.175	63894	163.121.148.168	389	outlook.office365.com
2259	SLS-WS-075	2026-02-15T14:48:13.156Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.175	61942	42.192.255.204	445
2260	SLS-WS-075	2026-02-13T06:57:48.581Z	3	C:\Windows\System32\explorer.exe	ACME\admin	tcp	10.10.1.175	57595	10.10.2.11	53
2261	SLS-WS-075	2026-02-19T12:32:19.164Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.175	63606	196.220.255.238	445	pypi.org
2262	SLS-WS-075	2026-02-20T09:44:26.068Z	3	C:\Program Files\chrome.exe	ACME\admin	tcp	10.10.1.175	49867	169.3.9.193	443
2263	SLS-WS-075	2026-02-17T22:02:53.415Z	3	C:\Program Files\chrome.exe	ACME\admin	udp	10.10.1.175	56242	219.42.18.4	443
2264	SLS-WS-075	2026-02-17T00:42:54.246Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.1.175	56820	87.146.229.4	445
2265	SLS-WS-075	2026-02-10T23:49:01.602Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.1.175	61322	10.10.3.10	445
2266	SLS-WS-075	2026-02-13T15:50:10.361Z	3	C:\Windows\System32\smss.exe	ACME\admin	tcp	10.10.1.175	56386	77.172.83.133	8080
2267	SLS-WS-075	2026-02-12T01:19:28.359Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.1.175	55431	185.203.238.133	53
2268	SLS-WS-075	2026-02-11T21:39:25.390Z	3	C:\Windows\System32\csrss.exe	ACME\admin	udp	10.10.1.175	55346	10.10.3.10	8080
2269	SLS-WS-075	2026-02-16T22:18:46.098Z	3	C:\Windows\System32\winlogon.exe	ACME\admin	udp	10.10.1.175	59501	10.10.1.175	443
2270	SLS-WS-075	2026-02-13T12:16:22.717Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.1.175	57195	96.110.122.171	3389
2271	SLS-WS-075	2026-02-11T03:47:12.010Z	3	C:\Windows\System32\SearchHost.exe	ACME\admin	tcp	10.10.1.175	61903	10.10.1.163	80
2272	SLS-WS-075	2026-02-18T04:48:47.473Z	3	C:\Windows\System32\dwm.exe	ACME\admin	tcp	10.10.1.175	49184	13.196.138.153	445
2273	SLS-WS-075	2026-02-16T15:45:34.455Z	3	C:\Windows\System32\System	ACME\admin	tcp	10.10.1.175	62979	10.10.3.138	80
2274	SLS-WS-075	2026-02-12T17:00:17.976Z	3	C:\Windows\System32\lsass.exe	ACME\admin	udp	10.10.1.175	65287	96.83.101.195	53
2275	SLS-WS-075	2026-02-12T02:52:27.296Z	3	C:\Windows\System32\cmd.exe	ACME\admin	udp	10.10.1.175	63951	10.10.3.159	443	acme.local
2276	SLS-WS-075	2026-02-16T17:42:59.266Z	3	C:\Windows\System32\smss.exe	ACME\admin	udp	10.10.1.175	52486	56.143.168.54	389
2277	SLS-WS-075	2026-02-20T01:29:02.172Z	3	C:\Windows\System32\System	ACME\admin	tcp	10.10.1.175	61148	10.10.2.131	53
2278	SLS-WS-075	2026-02-18T01:52:57.245Z	3	C:\Windows\System32\lsass.exe	ACME\admin	tcp	10.10.1.175	61920	101.181.36.157	445
2279	SLS-WS-075	2026-02-20T06:13:25.846Z	3	C:\Windows\System32\spoolsv.exe	ACME\admin	udp	10.10.1.175	63797	10.10.3.141	389
2280	SLS-WS-075	2026-02-16T01:02:42.595Z	3	C:\Windows\System32\code.exe	ACME\admin	tcp	10.10.1.175	63210	77.234.168.144	80	akamai.net
2281	DC-01	2026-02-17T17:03:53.785Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.1.10	62115	10.10.1.133	53
2282	DC-01	2026-02-14T03:18:27.084Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	udp	10.10.1.10	63548	10.10.2.101	443
2283	DC-01	2026-02-19T20:07:24.131Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.1.10	56041	10.10.2.143	8080
2284	DC-01	2026-02-12T21:10:13.221Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	tcp	10.10.1.10	49860	157.126.61.228	53
2285	DC-01	2026-02-18T17:58:43.811Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	tcp	10.10.1.10	58174	10.10.1.127	445
2286	DC-01	2026-02-18T22:42:20.795Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	udp	10.10.1.10	55261	10.10.3.138	53
2287	DC-01	2026-02-14T20:44:03.461Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	tcp	10.10.1.10	57413	10.10.3.126	80	dc-01.acme.local
2288	DC-01	2026-02-11T21:11:12.926Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	tcp	10.10.1.10	58190	47.180.170.193	8080
2289	DC-01	2026-02-16T12:17:37.630Z	3	C:\Windows\System32\svchost.exe	ACME\bwilson	udp	10.10.1.10	64025	87.163.108.71	53
2290	DC-01	2026-02-18T18:58:06.885Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	tcp	10.10.1.10	59967	10.10.3.159	3389	aws.amazon.com
2291	DC-01	2026-02-19T04:49:56.954Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.1.10	52207	70.219.8.107	443
2292	DC-01	2026-02-17T20:20:44.421Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.1.10	54876	10.10.2.101	389
2293	DC-01	2026-02-20T06:02:32.162Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.1.10	52392	10.10.3.141	53
2294	DC-01	2026-02-15T14:33:24.920Z	3	C:\Windows\System32\smss.exe	ACME\bwilson	tcp	10.10.1.10	55340	10.10.3.147	389
2295	DC-01	2026-02-19T18:14:56.477Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.1.10	62009	219.238.171.99	389
2296	DC-01	2026-02-13T21:42:27.378Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.1.10	61506	33.25.78.137	8080
2297	DC-01	2026-02-14T04:27:52.777Z	3	C:\Program Files\msedge.exe	ACME\bwilson	udp	10.10.1.10	53240	85.195.221.121	445	dc-01.acme.local
2298	DC-01	2026-02-15T04:27:30.588Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.1.10	53080	119.195.164.21	53
2299	DC-01	2026-02-18T04:58:08.554Z	3	C:\Windows\System32\outlook.exe	ACME\bwilson	udp	10.10.1.10	50092	7.108.168.9	445
2300	DC-01	2026-02-11T05:25:00.199Z	3	C:\Program Files\msedge.exe	ACME\bwilson	tcp	10.10.1.10	61171	10.10.1.154	3389
2301	DC-01	2026-02-17T01:21:00.306Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.1.10	51987	162.85.247.176	389
2302	DC-01	2026-02-12T05:00:30.364Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.1.10	58018	10.10.1.157	53
2303	DC-01	2026-02-16T23:12:38.735Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	udp	10.10.1.10	64940	152.54.177.151	53
2304	DC-01	2026-02-10T12:28:04.237Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	tcp	10.10.1.10	57922	37.40.252.206	389
2305	DC-01	2026-02-14T03:25:56.243Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	tcp	10.10.1.10	52471	58.156.216.50	443
2306	DC-01	2026-02-12T23:26:44.489Z	3	C:\Windows\System32\lsass.exe	ACME\bwilson	udp	10.10.1.10	49409	123.159.48.165	8080
2307	DC-01	2026-02-14T02:15:27.504Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.1.10	52057	10.10.1.151	445
2308	DC-01	2026-02-17T22:02:39.586Z	3	C:\Windows\System32\teams.exe	ACME\bwilson	tcp	10.10.1.10	57377	72.140.112.204	53
2309	DC-01	2026-02-18T03:02:59.775Z	3	C:\Windows\System32\System	ACME\bwilson	udp	10.10.1.10	64058	18.163.57.217	443
2310	DC-01	2026-02-17T20:27:40.634Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	udp	10.10.1.10	50234	10.10.3.168	53
2311	DC-01	2026-02-11T09:39:10.268Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	udp	10.10.1.10	52535	56.106.83.189	8080
2312	DC-01	2026-02-17T06:02:46.784Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.1.10	49772	10.10.3.153	389
2313	DC-01	2026-02-10T18:41:47.375Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.1.10	54811	10.10.3.120	445
2314	DC-01	2026-02-15T16:49:53.625Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\bwilson	udp	10.10.1.10	50825	10.10.3.117	445
2315	DC-01	2026-02-17T20:50:25.439Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.1.10	50994	10.10.2.134	389
2316	DC-01	2026-02-17T02:41:49.787Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	tcp	10.10.1.10	50692	133.59.190.76	3389
2317	DC-01	2026-02-13T15:32:33.741Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.1.10	60046	87.47.220.129	53
2318	DC-01	2026-02-15T20:05:28.794Z	3	C:\Windows\System32\csrss.exe	ACME\bwilson	tcp	10.10.1.10	55109	221.114.228.202	53
2319	DC-01	2026-02-12T09:32:08.730Z	3	C:\Windows\System32\SearchHost.exe	ACME\bwilson	udp	10.10.1.10	58843	10.10.1.106	3389
2320	DC-02	2026-02-20T00:17:56.976Z	3	C:\Windows\System32\powershell.exe	ACME\bwilson	udp	10.10.2.10	53570	10.10.1.124	8080
2321	DC-02	2026-02-13T14:54:46.078Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	tcp	10.10.2.10	65338	10.10.1.115	80
2322	DC-02	2026-02-13T06:34:23.136Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.2.10	53022	10.10.3.174	445
2323	DC-02	2026-02-17T03:25:28.321Z	3	C:\Windows\System32\cmd.exe	ACME\bwilson	udp	10.10.2.10	50504	10.10.1.10	389
2324	DC-02	2026-02-10T21:45:40.238Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	tcp	10.10.2.10	49923	148.194.165.67	445
2325	DC-02	2026-02-11T18:55:45.449Z	3	C:\Windows\System32\explorer.exe	ACME\bwilson	tcp	10.10.2.10	59155	10.10.3.168	389
2326	DC-02	2026-02-11T12:32:30.515Z	3	C:\Windows\System32\dwm.exe	ACME\bwilson	tcp	10.10.2.10	53293	10.10.2.104	389	www.bet365.com
2327	DC-02	2026-02-15T07:15:29.325Z	3	C:\Program Files\chrome.exe	ACME\bwilson	tcp	10.10.2.10	52897	132.19.58.58	80
2328	DC-02	2026-02-18T18:38:04.381Z	3	C:\Program Files\chrome.exe	ACME\bwilson	udp	10.10.2.10	63066	28.152.96.119	3389
2329	DC-02	2026-02-11T03:56:24.528Z	3	C:\Windows\System32\services.exe	ACME\bwilson	tcp	10.10.2.10	62655	76.173.172.105	389	google.com
2330	DC-02	2026-02-12T12:02:04.912Z	3	C:\Windows\System32\notepad.exe	ACME\bwilson	udp	10.10.2.10	61554	10.10.2.164	445
2331	DC-02	2026-02-18T16:31:21.695Z	3	C:\Windows\System32\MsMpEng.exe	ACME\bwilson	tcp	10.10.2.10	63601	10.10.1.12	445
2332	FILE-01	2026-02-19T20:47:33.887Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	udp	10.10.1.11	49320	74.18.167.115	8080
2333	FILE-01	2026-02-10T18:02:31.819Z	3	C:\Windows\System32\System	ACME\emartinez	udp	10.10.1.11	62067	96.188.72.151	80
2334	FILE-01	2026-02-19T01:15:00.638Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	udp	10.10.1.11	52872	10.10.1.166	80	exch-01.acme.local
2335	FILE-01	2026-02-15T21:45:13.436Z	3	C:\Windows\System32\smss.exe	ACME\emartinez	tcp	10.10.1.11	61018	10.10.2.167	445
2336	FILE-01	2026-02-12T01:56:53.686Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	tcp	10.10.1.11	62931	10.10.3.114	53
2337	FILE-01	2026-02-17T10:06:22.899Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	tcp	10.10.1.11	63632	10.10.1.133	445
2338	FILE-01	2026-02-20T12:34:21.296Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.1.11	57632	47.42.150.153	8080
2339	FILE-01	2026-02-13T22:25:05.788Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.1.11	65044	186.238.209.73	389
2340	FILE-01	2026-02-13T23:20:48.437Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.1.11	64562	83.100.73.112	3389	cloudflare.com
2341	FILE-01	2026-02-16T13:31:19.508Z	3	C:\Windows\System32\OneDrive.exe	ACME\emartinez	udp	10.10.1.11	62800	10.10.1.13	443
2342	FILE-01	2026-02-13T14:14:28.564Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.1.11	55344	10.10.3.126	8080
2343	FILE-01	2026-02-18T02:13:22.417Z	3	C:\Windows\System32\svchost.exe	ACME\emartinez	udp	10.10.1.11	53549	192.68.14.61	80
2344	FILE-01	2026-02-15T12:27:58.679Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.11	53796	10.10.2.104	80
2345	FILE-01	2026-02-13T05:45:49.468Z	3	C:\Windows\System32\winlogon.exe	ACME\emartinez	udp	10.10.1.11	63216	10.10.2.155	443
2346	FILE-01	2026-02-17T15:31:23.313Z	3	C:\Windows\System32\SearchHost.exe	ACME\emartinez	udp	10.10.1.11	53530	10.10.1.103	80
2347	FILE-01	2026-02-20T09:03:10.177Z	3	C:\Windows\System32\outlook.exe	ACME\emartinez	tcp	10.10.1.11	58167	10.10.1.169	80
2348	FILE-01	2026-02-10T15:06:49.625Z	3	C:\Windows\System32\notepad.exe	ACME\emartinez	tcp	10.10.1.11	65002	10.10.1.13	445
2349	FILE-01	2026-02-13T17:38:48.563Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.1.11	57774	59.9.35.246	389
2350	FILE-01	2026-02-11T14:17:47.053Z	3	C:\Windows\System32\spoolsv.exe	ACME\emartinez	udp	10.10.1.11	64221	166.129.85.49	445
2351	FILE-01	2026-02-13T02:56:30.523Z	3	C:\Windows\System32\csrss.exe	ACME\emartinez	tcp	10.10.1.11	52536	208.239.106.19	445
2352	FILE-01	2026-02-17T22:52:46.497Z	3	C:\Windows\System32\explorer.exe	ACME\emartinez	udp	10.10.1.11	57099	10.10.3.132	443
2353	FILE-01	2026-02-13T14:18:36.829Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.1.11	55180	10.10.2.161	8080
2354	FILE-01	2026-02-17T09:15:02.946Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.1.11	55282	50.59.72.10	389
2355	FILE-01	2026-02-20T01:53:09.345Z	3	C:\Program Files\chrome.exe	ACME\emartinez	udp	10.10.1.11	61530	203.238.181.253	53
2356	FILE-01	2026-02-17T00:51:27.667Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.11	52254	10.10.2.119	8080	pypi.org
2357	FILE-01	2026-02-20T04:52:37.805Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	tcp	10.10.1.11	58734	132.181.117.71	80
2358	FILE-01	2026-02-12T05:35:47.072Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.1.11	54913	19.35.57.196	53
2359	FILE-01	2026-02-13T11:04:53.895Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	tcp	10.10.1.11	63060	44.184.25.70	3389
2360	FILE-01	2026-02-15T14:59:09.240Z	3	C:\Windows\System32\cmd.exe	ACME\emartinez	udp	10.10.1.11	59075	127.46.147.220	3389
2361	FILE-01	2026-02-14T06:12:49.168Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.11	62408	52.152.119.217	80
2362	FILE-01	2026-02-12T14:36:17.113Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.1.11	54539	223.77.118.108	80
2363	FILE-01	2026-02-11T21:36:00.024Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\emartinez	udp	10.10.1.11	63182	3.93.180.216	3389
2364	FILE-01	2026-02-19T00:48:43.502Z	3	C:\Windows\System32\code.exe	ACME\emartinez	udp	10.10.1.11	62977	10.10.1.169	389
2365	FILE-01	2026-02-14T20:29:55.570Z	3	C:\Windows\System32\System	ACME\emartinez	tcp	10.10.1.11	61073	10.10.1.136	443
2366	FILE-01	2026-02-17T01:48:19.369Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.1.11	65053	94.246.51.224	80
2367	FILE-01	2026-02-12T19:28:41.969Z	3	C:\Program Files\msedge.exe	ACME\emartinez	tcp	10.10.1.11	56753	10.10.3.144	443
2368	FILE-01	2026-02-19T23:10:19.938Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	udp	10.10.1.11	64607	10.37.88.41	8080
2369	FILE-01	2026-02-17T20:22:42.906Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.1.11	50289	4.115.61.4	389
2370	FILE-01	2026-02-13T19:56:41.534Z	3	C:\Windows\System32\svchost.exe	ACME\emartinez	tcp	10.10.1.11	54242	10.10.3.159	389
2371	FILE-01	2026-02-18T03:17:16.868Z	3	C:\Windows\System32\csrss.exe	ACME\emartinez	tcp	10.10.1.11	51791	10.10.3.111	445
2372	FILE-01	2026-02-17T08:23:21.038Z	3	C:\Windows\System32\MsMpEng.exe	ACME\emartinez	tcp	10.10.1.11	51624	10.10.3.102	445
2373	FILE-01	2026-02-14T00:53:38.234Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	udp	10.10.1.11	65414	10.10.1.145	53
2374	FILE-01	2026-02-18T20:46:18.080Z	3	C:\Windows\System32\dwm.exe	ACME\emartinez	tcp	10.10.1.11	49417	10.10.1.118	8080
2375	FILE-01	2026-02-16T03:43:46.238Z	3	C:\Windows\System32\powershell.exe	ACME\emartinez	tcp	10.10.1.11	62081	3.8.246.206	3389
2376	FILE-01	2026-02-19T21:22:49.996Z	3	C:\Program Files\chrome.exe	ACME\emartinez	tcp	10.10.1.11	50076	212.171.116.139	389
2377	FILE-01	2026-02-12T03:35:49.320Z	3	C:\Windows\System32\System	ACME\emartinez	udp	10.10.1.11	64389	105.146.69.159	53
2378	EXCH-01	2026-02-15T17:03:23.535Z	3	C:\Windows\System32\smss.exe	ACME\dlee	udp	10.10.1.12	65124	10.10.2.164	3389
2379	EXCH-01	2026-02-16T04:02:21.940Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.1.12	55849	177.222.246.147	53
2380	EXCH-01	2026-02-15T04:06:48.293Z	3	C:\Windows\System32\teams.exe	ACME\dlee	udp	10.10.1.12	50326	116.217.64.155	445
2381	EXCH-01	2026-02-14T19:35:46.471Z	3	C:\Windows\System32\outlook.exe	ACME\dlee	udp	10.10.1.12	52671	10.10.3.10	445
2382	EXCH-01	2026-02-13T18:17:15.359Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.1.12	55561	64.57.181.219	80
2383	EXCH-01	2026-02-14T08:32:50.018Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.1.12	50023	49.15.182.156	53
2384	EXCH-01	2026-02-10T18:23:57.008Z	3	C:\Windows\System32\powershell.exe	ACME\dlee	tcp	10.10.1.12	49770	10.10.1.166	389
2385	EXCH-01	2026-02-11T20:17:14.118Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.1.12	49512	143.69.84.168	445
2386	EXCH-01	2026-02-16T13:12:26.315Z	3	C:\Windows\System32\SearchHost.exe	ACME\dlee	tcp	10.10.1.12	56881	77.85.140.82	389
2387	EXCH-01	2026-02-14T21:21:36.202Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.1.12	63505	38.148.85.170	443
2388	EXCH-01	2026-02-12T23:37:56.389Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.1.12	58805	10.10.2.167	389
2389	EXCH-01	2026-02-15T00:25:15.930Z	3	C:\Windows\System32\spoolsv.exe	ACME\dlee	udp	10.10.1.12	57080	83.149.34.57	53
2390	EXCH-01	2026-02-17T03:16:44.992Z	3	C:\Windows\System32\csrss.exe	ACME\dlee	udp	10.10.1.12	53290	10.10.1.139	389
2391	EXCH-01	2026-02-18T18:53:11.592Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.1.12	61654	10.10.2.140	53
2392	EXCH-01	2026-02-17T07:27:44.255Z	3	C:\Windows\System32\smss.exe	ACME\dlee	tcp	10.10.1.12	59598	61.100.205.97	8080
2393	EXCH-01	2026-02-16T07:48:56.504Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.1.12	55903	37.5.183.162	8080
2394	EXCH-01	2026-02-11T09:27:06.439Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\dlee	tcp	10.10.1.12	58732	161.171.216.195	3389
2395	EXCH-01	2026-02-15T03:24:56.822Z	3	C:\Windows\System32\winlogon.exe	ACME\dlee	tcp	10.10.1.12	62360	143.121.219.249	443
2396	EXCH-01	2026-02-15T14:10:47.618Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.1.12	55621	146.209.49.143	53
2397	EXCH-01	2026-02-17T22:40:02.328Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.1.12	53915	10.10.2.101	53
2398	EXCH-01	2026-02-17T19:34:02.287Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	tcp	10.10.1.12	52184	34.37.146.15	53	cdn.jsdelivr.net
2399	EXCH-01	2026-02-10T21:35:12.067Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.1.12	58059	10.10.3.141	8080
2400	EXCH-01	2026-02-12T08:41:53.038Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	tcp	10.10.1.12	49812	10.10.2.140	3389	windowsupdate.com
2401	EXCH-01	2026-02-15T03:12:39.885Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	udp	10.10.1.12	60057	132.111.236.224	443
2402	EXCH-01	2026-02-20T04:39:51.777Z	3	C:\Program Files\msedge.exe	ACME\dlee	tcp	10.10.1.12	60658	3.59.124.229	80
2403	EXCH-01	2026-02-18T01:32:49.277Z	3	C:\Program Files\chrome.exe	ACME\dlee	udp	10.10.1.12	52242	10.10.2.146	443
2404	EXCH-01	2026-02-15T01:34:25.349Z	3	C:\Windows\System32\lsass.exe	ACME\dlee	udp	10.10.1.12	50207	10.10.1.151	3389
2405	EXCH-01	2026-02-17T22:57:44.856Z	3	C:\Program Files\msedge.exe	ACME\dlee	udp	10.10.1.12	58051	10.10.2.113	445
2406	EXCH-01	2026-02-14T12:19:54.190Z	3	C:\Windows\System32\explorer.exe	ACME\dlee	udp	10.10.1.12	49382	10.10.1.109	443
2407	EXCH-01	2026-02-18T15:45:08.737Z	3	C:\Program Files\chrome.exe	ACME\dlee	tcp	10.10.1.12	59908	10.10.3.123	445
2408	WEB-01	2026-02-14T13:05:14.297Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	udp	10.10.3.10	62380	10.10.2.137	443
2409	WEB-01	2026-02-17T11:04:06.730Z	3	C:\Windows\System32\System	ACME\idavis	tcp	10.10.3.10	58859	140.117.149.140	53
2410	WEB-01	2026-02-12T15:22:25.422Z	3	C:\Windows\System32\OneDrive.exe	ACME\idavis	tcp	10.10.3.10	61317	10.10.3.120	53
2411	WEB-01	2026-02-15T00:37:16.090Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.3.10	49763	10.10.3.123	80
2412	WEB-01	2026-02-19T02:07:23.126Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	udp	10.10.3.10	55123	115.94.80.253	443
2413	WEB-01	2026-02-12T12:30:45.586Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.10	53105	10.10.2.158	445
2414	WEB-01	2026-02-14T03:11:03.988Z	3	C:\Windows\System32\smss.exe	ACME\idavis	tcp	10.10.3.10	50129	10.10.1.11	53
2415	WEB-01	2026-02-17T15:34:22.302Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.10	49277	197.142.187.81	53
2416	WEB-01	2026-02-12T04:30:35.950Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.3.10	60828	60.4.38.164	389
2417	WEB-01	2026-02-18T10:27:05.484Z	3	C:\Windows\System32\teams.exe	ACME\idavis	udp	10.10.3.10	62339	10.10.2.167	80
2418	WEB-01	2026-02-15T13:07:46.339Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.10	57470	184.69.231.145	8080
2419	WEB-01	2026-02-11T20:11:46.233Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.10	60005	110.102.177.143	53
2420	WEB-01	2026-02-20T03:23:02.708Z	3	C:\Program Files\msedge.exe	ACME\idavis	tcp	10.10.3.10	62994	124.198.5.30	389
2421	WEB-01	2026-02-16T10:51:48.487Z	3	C:\Windows\System32\System	ACME\idavis	udp	10.10.3.10	63524	184.188.42.91	3389
2422	WEB-01	2026-02-11T13:01:33.748Z	3	C:\Program Files\chrome.exe	ACME\idavis	tcp	10.10.3.10	57827	105.57.239.230	80
2423	WEB-01	2026-02-14T19:08:23.124Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\idavis	tcp	10.10.3.10	51007	78.51.96.121	8080	file-01.acme.local
2424	WEB-01	2026-02-13T08:57:16.420Z	3	C:\Windows\System32\System	ACME\idavis	udp	10.10.3.10	51292	10.10.1.145	389
2425	WEB-01	2026-02-17T17:43:44.634Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.3.10	61379	152.175.23.228	8080
2426	WEB-01	2026-02-11T03:21:47.045Z	3	C:\Program Files\msedge.exe	ACME\idavis	udp	10.10.3.10	54010	184.130.213.90	389
2427	WEB-01	2026-02-12T08:27:11.363Z	3	C:\Windows\System32\System	ACME\idavis	udp	10.10.3.10	60448	67.104.169.160	80	cloudflare.com
2428	WEB-01	2026-02-18T03:47:03.430Z	3	C:\Windows\System32\services.exe	ACME\idavis	tcp	10.10.3.10	56580	10.10.2.164	80
2429	WEB-01	2026-02-15T14:45:38.607Z	3	C:\Windows\System32\svchost.exe	ACME\idavis	udp	10.10.3.10	50043	96.171.124.46	53
2430	WEB-01	2026-02-14T08:58:14.368Z	3	C:\Windows\System32\SearchHost.exe	ACME\idavis	tcp	10.10.3.10	58938	10.10.1.10	8080
2431	WEB-01	2026-02-13T17:39:42.047Z	3	C:\Windows\System32\cmd.exe	ACME\idavis	udp	10.10.3.10	62795	208.233.137.97	389
2432	WEB-01	2026-02-11T19:36:00.113Z	3	C:\Windows\System32\lsass.exe	ACME\idavis	tcp	10.10.3.10	51533	10.10.1.127	443	login.microsoftonline.com
2433	WEB-01	2026-02-10T19:45:13.396Z	3	C:\Windows\System32\winlogon.exe	ACME\idavis	tcp	10.10.3.10	52220	141.156.136.62	8080
2434	WEB-01	2026-02-17T23:25:26.811Z	3	C:\Windows\System32\powershell.exe	ACME\idavis	tcp	10.10.3.10	62412	157.46.77.15	443
2435	SQL-01	2026-02-12T19:44:56.856Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.11	53046	87.212.11.79	80
2436	SQL-01	2026-02-15T15:45:04.257Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	udp	10.10.2.11	57057	27.124.145.142	445	graph.microsoft.com
2437	SQL-01	2026-02-10T23:39:02.383Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	tcp	10.10.2.11	55039	10.10.1.157	53
2438	SQL-01	2026-02-20T17:49:48.414Z	3	C:\Windows\System32\powershell.exe	ACME\cjohnson	tcp	10.10.2.11	57927	23.157.140.175	8080	google.com
2439	SQL-01	2026-02-17T09:14:59.986Z	3	C:\Windows\System32\svchost.exe	ACME\cjohnson	tcp	10.10.2.11	62691	169.251.143.241	53
2440	SQL-01	2026-02-19T09:17:17.072Z	3	C:\Windows\System32\powershell.exe	ACME\cjohnson	tcp	10.10.2.11	56193	10.10.3.162	389
2441	SQL-01	2026-02-15T09:31:40.192Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.11	56528	56.48.115.33	443
2442	SQL-01	2026-02-14T12:34:29.851Z	3	C:\Windows\System32\outlook.exe	ACME\cjohnson	tcp	10.10.2.11	59318	10.10.3.117	389
2443	SQL-01	2026-02-15T21:22:24.943Z	3	C:\Windows\System32\System	ACME\cjohnson	udp	10.10.2.11	49281	76.223.115.81	80
2444	SQL-01	2026-02-12T10:49:45.587Z	3	C:\Windows\System32\dwm.exe	ACME\cjohnson	udp	10.10.2.11	63062	10.10.2.128	3389
2445	SQL-01	2026-02-12T05:25:16.513Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.2.11	64475	186.212.32.114	8080
2446	SQL-01	2026-02-18T10:14:23.221Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.2.11	56168	147.39.44.6	53
2447	SQL-01	2026-02-10T14:32:24.814Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	udp	10.10.2.11	64505	220.212.244.193	53
2448	SQL-01	2026-02-15T07:54:43.387Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\cjohnson	tcp	10.10.2.11	60324	10.10.1.136	443
2449	SQL-01	2026-02-18T20:53:59.850Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.11	64470	10.10.1.136	80
2450	SQL-01	2026-02-17T18:27:01.527Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.11	54241	10.10.2.143	53
2451	SQL-01	2026-02-11T02:04:28.319Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	udp	10.10.2.11	64095	10.10.2.104	443
2452	SQL-01	2026-02-11T13:44:18.374Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.11	63352	10.10.3.162	3389
2453	SQL-01	2026-02-10T15:55:42.145Z	3	C:\Windows\System32\taskhostw.exe	ACME\cjohnson	tcp	10.10.2.11	64616	58.37.144.177	8080
2454	SQL-01	2026-02-11T01:01:13.611Z	3	C:\Windows\System32\winlogon.exe	ACME\cjohnson	udp	10.10.2.11	58447	10.10.3.111	53
2455	SQL-01	2026-02-17T21:37:51.646Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	udp	10.10.2.11	51801	10.10.2.173	443
2456	SQL-01	2026-02-17T15:28:07.342Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.11	57225	10.10.1.11	80
2457	SQL-01	2026-02-14T07:42:31.192Z	3	C:\Windows\System32\powershell.exe	ACME\cjohnson	tcp	10.10.2.11	60941	10.10.3.123	80
2458	SQL-01	2026-02-17T02:37:06.254Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	udp	10.10.2.11	49863	10.10.3.114	445	file-01.acme.local
2459	SQL-01	2026-02-13T14:03:02.978Z	3	C:\Windows\System32\spoolsv.exe	ACME\cjohnson	tcp	10.10.2.11	50447	10.10.1.166	80
2460	SQL-01	2026-02-13T05:35:22.790Z	3	C:\Windows\System32\teams.exe	ACME\cjohnson	udp	10.10.2.11	58216	10.10.3.108	443
2461	SQL-01	2026-02-19T23:08:29.615Z	3	C:\Windows\System32\notepad.exe	ACME\cjohnson	udp	10.10.2.11	52792	19.86.243.83	53
2462	SQL-01	2026-02-13T04:42:17.024Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	udp	10.10.2.11	57830	10.10.3.147	445
2463	SQL-01	2026-02-14T12:26:15.763Z	3	C:\Windows\System32\code.exe	ACME\cjohnson	udp	10.10.2.11	65330	10.10.2.110	80
2464	SQL-01	2026-02-11T01:53:03.303Z	3	C:\Program Files\chrome.exe	ACME\cjohnson	tcp	10.10.2.11	63814	10.10.1.10	443
2465	SQL-01	2026-02-12T19:56:50.455Z	3	C:\Windows\System32\csrss.exe	ACME\cjohnson	udp	10.10.2.11	61587	10.10.1.154	80
2466	SQL-01	2026-02-11T06:50:15.954Z	3	C:\Program Files\msedge.exe	ACME\cjohnson	tcp	10.10.2.11	50769	165.88.128.217	443
2467	SQL-01	2026-02-18T15:11:38.607Z	3	C:\Windows\System32\smss.exe	ACME\cjohnson	tcp	10.10.2.11	62428	163.179.183.183	445
2468	SQL-01	2026-02-13T06:58:09.930Z	3	C:\Windows\System32\OneDrive.exe	ACME\cjohnson	udp	10.10.2.11	64064	59.36.73.225	443	pypi.org
2469	SQL-01	2026-02-19T03:34:49.357Z	3	C:\Windows\System32\cmd.exe	ACME\cjohnson	udp	10.10.2.11	50300	10.10.1.154	445
2470	PROXY-01	2026-02-12T23:22:26.147Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	udp	10.10.1.13	52319	10.10.3.171	8080
2471	PROXY-01	2026-02-18T01:18:29.308Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	tcp	10.10.1.13	61938	154.222.211.197	445
2472	PROXY-01	2026-02-10T17:49:18.040Z	3	C:\Windows\System32\MsMpEng.exe	ACME\fthompson	udp	10.10.1.13	49615	6.15.33.201	443
2473	PROXY-01	2026-02-20T03:00:43.235Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	udp	10.10.1.13	59193	23.30.41.150	8080	draftkings.com
2474	PROXY-01	2026-02-16T06:20:39.897Z	3	C:\Windows\System32\SearchHost.exe	ACME\fthompson	udp	10.10.1.13	55875	44.209.167.152	389
2475	PROXY-01	2026-02-16T08:22:48.288Z	3	C:\Windows\System32\smss.exe	ACME\fthompson	tcp	10.10.1.13	60195	90.150.230.108	389
2476	PROXY-01	2026-02-18T08:41:11.223Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	tcp	10.10.1.13	62478	10.10.3.144	443
2477	PROXY-01	2026-02-16T10:29:04.204Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	udp	10.10.1.13	55245	141.39.121.219	8080
2478	PROXY-01	2026-02-20T14:28:40.498Z	3	C:\Windows\System32\dwm.exe	ACME\fthompson	tcp	10.10.1.13	58995	124.65.251.107	80
2479	PROXY-01	2026-02-16T21:47:25.883Z	3	C:\Windows\System32\explorer.exe	ACME\fthompson	udp	10.10.1.13	61096	205.9.255.168	443
2480	PROXY-01	2026-02-15T03:50:15.023Z	3	C:\Windows\System32\winlogon.exe	ACME\fthompson	tcp	10.10.1.13	50086	104.234.219.251	53
2481	PROXY-01	2026-02-15T14:15:44.979Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	udp	10.10.1.13	65499	183.33.17.182	3389
2482	PROXY-01	2026-02-14T22:07:49.389Z	3	C:\Windows\System32\code.exe	ACME\fthompson	tcp	10.10.1.13	59150	10.10.2.113	8080
2483	PROXY-01	2026-02-13T09:51:55.810Z	3	C:\Program Files\msedge.exe	ACME\fthompson	tcp	10.10.1.13	63131	10.10.3.117	389
2484	PROXY-01	2026-02-11T05:31:48.707Z	3	C:\Windows\System32\RuntimeBroker.exe	ACME\fthompson	tcp	10.10.1.13	58686	10.10.2.110	3389
2485	PROXY-01	2026-02-14T07:21:37.971Z	3	C:\Windows\System32\services.exe	ACME\fthompson	tcp	10.10.1.13	49756	10.10.1.115	3389
2486	PROXY-01	2026-02-11T21:00:44.880Z	3	C:\Program Files\msedge.exe	ACME\fthompson	udp	10.10.1.13	62166	187.111.252.237	445
2487	PROXY-01	2026-02-20T16:14:00.769Z	3	C:\Windows\System32\outlook.exe	ACME\fthompson	udp	10.10.1.13	59250	10.10.3.102	80	dc-01.acme.local
2488	PROXY-01	2026-02-17T22:40:59.457Z	3	C:\Windows\System32\OneDrive.exe	ACME\fthompson	udp	10.10.1.13	49548	10.10.1.133	443
2489	PROXY-01	2026-02-11T15:29:29.267Z	3	C:\Windows\System32\lsass.exe	ACME\fthompson	udp	10.10.1.13	51629	103.214.142.161	3389
2490	PROXY-01	2026-02-18T19:54:34.079Z	3	C:\Windows\System32\powershell.exe	ACME\fthompson	tcp	10.10.1.13	57569	64.63.133.113	389
2491	PROXY-01	2026-02-11T19:49:21.008Z	3	C:\Windows\System32\explorer.exe	ACME\fthompson	tcp	10.10.1.13	60097	10.10.1.112	80
2492	PROXY-01	2026-02-16T22:34:13.944Z	3	C:\Windows\System32\SearchHost.exe	ACME\fthompson	tcp	10.10.1.13	60736	40.57.76.78	389
2493	PROXY-01	2026-02-17T11:22:58.938Z	3	C:\Windows\System32\spoolsv.exe	ACME\fthompson	tcp	10.10.1.13	59674	49.77.137.236	389
2494	PROXY-01	2026-02-16T10:53:34.751Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	udp	10.10.1.13	54679	48.200.145.92	3389
2495	PROXY-01	2026-02-19T06:26:56.830Z	3	C:\Windows\System32\svchost.exe	ACME\fthompson	tcp	10.10.1.13	59782	10.10.1.103	80
2496	PROXY-01	2026-02-18T03:05:47.272Z	3	C:\Windows\System32\code.exe	ACME\fthompson	tcp	10.10.1.13	58327	10.10.2.131	389
2497	PROXY-01	2026-02-16T15:25:39.861Z	3	C:\Windows\System32\dwm.exe	ACME\fthompson	tcp	10.10.1.13	65020	10.10.1.172	445
2498	PROXY-01	2026-02-11T19:57:32.555Z	3	C:\Windows\System32\code.exe	ACME\fthompson	tcp	10.10.1.13	62084	80.182.25.148	445
2499	PROXY-01	2026-02-14T22:25:13.698Z	3	C:\Windows\System32\taskhostw.exe	ACME\fthompson	udp	10.10.1.13	62110	10.10.1.151	3389
2500	PROXY-01	2026-02-16T16:32:43.048Z	3	C:\Windows\System32\cmd.exe	ACME\fthompson	udp	10.10.1.13	50752	9.180.73.194	3389

The file is too large to be shown. View Raw

302 KiB Raw Permalink Blame History

302 KiB

Raw Permalink Blame History