Access Log Tail The current time is Fri Dec 15, 2017 16:19:31 UTC #Software: SGOS 6.5.10.6 #Version: 1.0 #Start-Date: 2017-12-15 16:19:31 #Date: 2017-12-15 15:46:28 #Fields: date time time-taken c-ip cs-username cs-auth-group x-exception-id sc-filter-result cs-categories cs(Referer) sc-status s-action cs-method rs(Content-Type) cs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-query cs-uri-extension cs(User-Agent) s-ip sc-bytes cs-bytes x-virus-id x-bluecoat-application-name x-bluecoat-application-operation #Remark: 4116320179 "BKI-Proxy1" "172.16.1.188" "BKI-Proxy1" 2017-12-15 16:19:26 4 172.23.9.55 vt100507$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:26 1 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:26 2 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 5 172.23.9.55 vt100507$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3150 - "none" "none" 2017-12-15 16:19:26 4 172.23.8.212 v05082$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 489 237 - "Lync Online" "none" 2017-12-15 16:19:26 1 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 4 172.23.8.212 v05082$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 1 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 1 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 5 172.23.9.55 vt100507$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.9.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 5 172.23.9.55 vt100507$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3148 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 1 172.23.8.178 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.8.178 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 4 172.23.8.178 v05099$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 1 172.23.8.178 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 2 172.23.8.178 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 4 172.23.8.178 v05099$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:26 294 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 5664 1395 - "Lync Online" "none" 2017-12-15 16:19:26 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 306 107 - "Lync Online" "none" 2017-12-15 16:19:26 4 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 489 196 - "Lync Online" "none" 2017-12-15 16:19:27 823 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 14521 7978 - "Lync Online" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:27 2 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:27 4 172.23.5.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:27 2 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:27 3 172.23.5.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:27 2 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:27 3 172.23.5.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:27 2 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:27 4 172.23.5.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:27 1 172.23.5.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:27 4 172.23.5.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:28 1 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:28 2 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:28 3 172.23.8.118 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:28 1 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:28 2 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:28 3 172.23.8.118 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:28 1 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:28 1 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:28 4 172.23.8.118 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:28 1 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:28 2 172.23.8.118 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:28 4 172.23.8.118 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:28 1 172.23.9.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1909ffb4cb9004fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:28 2 172.23.9.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1909ffb4cb9004fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:28 4 172.23.9.33 v05145$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1909ffb4cb9004fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:28 1 172.23.9.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bdcc7a34daf50d76 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:28 2 172.23.9.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bdcc7a34daf50d76 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:28 5 172.23.9.36 v05142$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bdcc7a34daf50d76 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 1 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?319031d934e1d401 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 2 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?319031d934e1d401 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 4 172.23.10.196 bcppb001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?319031d934e1d401 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6d4fd57e324a86cb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6d4fd57e324a86cb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 5 172.23.6.224 v17063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6d4fd57e324a86cb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 1 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdbe2a200140b675 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdbe2a200140b675 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 4 172.23.6.224 v17063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdbe2a200140b675 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:29 1 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8c96a145545f8fb7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8c96a145545f8fb7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 5 172.23.3.218 v01003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8c96a145545f8fb7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 1 172.23.8.205 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?631c1b5700259b1d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 2 172.23.8.205 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?631c1b5700259b1d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 5 172.23.8.205 v05073$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?631c1b5700259b1d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 1 172.23.8.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?8a8dbd4c5d510096 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 2 172.23.8.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?8a8dbd4c5d510096 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 4 172.23.8.139 v10-mc12$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?8a8dbd4c5d510096 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 1 172.23.8.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0af10bfb15f7b5b7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 2 172.23.8.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0af10bfb15f7b5b7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:30 4 172.23.8.139 v10-mc12$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0af10bfb15f7b5b7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:31 2 172.23.9.34 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:19:31 1 172.23.9.34 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:19:31 4 172.23.9.34 v05141$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:19:31 2 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2f128ffaadd920b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:31 2 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2f128ffaadd920b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:31 5 172.23.9.60 vt100513$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2f128ffaadd920b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:31 27982 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webdir0f.online.lync.com 443 / - - - 172.16.1.188 11799 10775 - "Lync Online" "none" 2017-12-15 16:19:31 27391 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webdir0f.online.lync.com 443 / - - - 172.16.1.188 10823 8487 - "Lync Online" "none" 2017-12-15 16:19:31 29862 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webdir0f.online.lync.com 443 / - - - 172.16.1.188 24572 2151 - "Lync Online" "none" 2017-12-15 16:19:31 30472 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webdir0f.online.lync.com 443 / - - - 172.16.1.188 36700 2151 - "Lync Online" "none" 2017-12-15 16:19:32 1 172.23.10.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:32 98945 172.23.5.221 2781 BKI\Internet%20Group - OBSERVED "Mixed Content/Potentially Adult;Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp www.youtube.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1223 2644 - "YouTube" "none" 2017-12-15 16:19:32 110012 172.23.5.221 2781 BKI\Internet%20Group - OBSERVED "Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1526 1909 - "none" "none" 2017-12-15 16:19:32 2 172.23.10.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:32 4 172.23.10.141 v11053$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:32 1 172.23.10.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:32 2 172.23.10.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:32 5 172.23.10.141 v11053$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:33 7 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:33 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:33 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:19:33 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:19:33 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:33 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:33 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:19:33 12 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:19:34 2 172.23.4.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5fc2e3f399f5f5e8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 1 172.23.7.210 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80c3166bb74b9255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 2 172.23.4.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5fc2e3f399f5f5e8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 5 172.23.4.200 v16007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5fc2e3f399f5f5e8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 2 172.23.7.210 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80c3166bb74b9255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 5 172.23.7.210 v16045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80c3166bb74b9255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 1 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a555caed2a52298e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 2 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a555caed2a52298e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 4 172.23.8.154 v10-mc26$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a555caed2a52298e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 73562 172.23.10.79 4047 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Whitelist;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp armmf.adobe.com 443 / - - - 172.16.1.188 33548 1484 - "none" "none" 2017-12-15 16:19:34 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3f4cbe4968199465 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3f4cbe4968199465 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:34 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3f4cbe4968199465 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:35 1 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:35 1 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:35 1 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:35 4 172.23.9.72 vt100505$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:19:35 6 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:19:35 6 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:19:35 3 172.23.9.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:35 7 172.23.9.72 vt100505$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23916 - "none" "none" 2017-12-15 16:19:35 16 172.23.8.58 vt100510$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:19:36 3 172.23.8.35 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 1477 231 - "none" "none" 2017-12-15 16:19:36 2 172.23.8.35 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 1677 356 - "none" "none" 2017-12-15 16:19:36 5 172.23.8.35 3113 BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 304 TCP_HIT GET application/pkix-crl http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 413 912 - "none" "none" 2017-12-15 16:19:36 1 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab45a49c4b9db156 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:36 2 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab45a49c4b9db156 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:36 4 172.23.7.148 v10010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab45a49c4b9db156 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:36 1 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?800955827358bf24 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:36 2 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?800955827358bf24 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:36 5 172.23.9.70 vt100525$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?800955827358bf24 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?32c348376340793c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?32c348376340793c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 4 172.23.9.238 vt100537$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?32c348376340793c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c16678c092bafbd3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c16678c092bafbd3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:37 5 172.23.9.238 vt100537$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c16678c092bafbd3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:38 1 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8984d43a8a64ecdb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:38 2 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8984d43a8a64ecdb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:38 4 172.23.9.249 bcpat012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8984d43a8a64ecdb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:19:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:19:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:19:39 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:19:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:19:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:19:39 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:19:39 2 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd672d6b78a8a26f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:19:39 2 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd672d6b78a8a26f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 4 172.23.9.135 testpool5$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd672d6b78a8a26f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:19:39 1 172.23.4.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?433ca6727fd31c8c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 2 172.23.4.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?433ca6727fd31c8c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 4 172.23.4.221 v17021$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?433ca6727fd31c8c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 2 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a2b994fe5bf9ac70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 2 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a2b994fe5bf9ac70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:39 4 172.23.8.45 v11003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a2b994fe5bf9ac70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 1 172.23.10.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?68000f73d84e38b1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 2 172.23.10.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?68000f73d84e38b1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 4 172.23.10.175 bcpfb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?68000f73d84e38b1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 2 172.23.8.58 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:19:40 2 172.23.8.58 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:19:40 4 172.23.8.58 vt100510$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 762 - "none" "none" 2017-12-15 16:19:40 2 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a4f33d343596a3bc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 2 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a4f33d343596a3bc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:40 4 172.23.7.200 v16033$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a4f33d343596a3bc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:41 2 172.23.0.161 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8993b84eb9ceff84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:41 2 172.23.0.161 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8993b84eb9ceff84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:41 4 172.23.0.161 v07008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8993b84eb9ceff84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 3 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:19:42 7 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 6 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 18 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bad1143d872eaf3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bad1143d872eaf3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 5 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bad1143d872eaf3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:42 1 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 6 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:19:42 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 9 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151619 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?49df5eaa2b80c0fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?49df5eaa2b80c0fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?49df5eaa2b80c0fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 5 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:42 4 172.23.7.232 v16054$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:42 2 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:42 2 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:42 3 172.23.7.232 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:42 6 172.23.7.232 v16054$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:19:42 1 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:42 1 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:42 2 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:42 3 172.23.4.154 v16003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:42 23 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1487 1472 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1992 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1992 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:19:42 15 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1011 2681 - "none" "none" 2017-12-15 16:19:42 2 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:42 2 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:42 2 172.23.4.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:42 5 172.23.4.154 v16003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:19:42 31 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1487 1472 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:19:42 3 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:19:42 11 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1013 2682 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:42 1 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:19:42 1 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 3 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:42 3 172.23.4.154 v16003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 3 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 2 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:42 2 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:19:42 3 172.23.4.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 5 172.23.4.154 v16003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:42 2 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:42 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:42 1 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:42 3 172.23.0.72 v20140$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:19:43 3 172.23.8.84 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1250a7a20b5978bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 2 172.23.8.84 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1250a7a20b5978bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 5 172.23.8.84 v10023$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1250a7a20b5978bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 2 172.23.7.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 2 172.23.7.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 13 172.23.7.139 v11006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 56 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1079 103595 - "none" "none" 2017-12-15 16:19:43 1 172.23.7.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 2 172.23.7.139 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 4 172.23.7.139 v11006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:43 14 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1080 87945 - "none" "none" 2017-12-15 16:19:43 53 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1084 103195 - "none" "none" 2017-12-15 16:19:43 15 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1083 89757 - "none" "none" 2017-12-15 16:19:43 1 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:43 2 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:43 2 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:43 5 172.23.9.10 v05126$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:43 2 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:43 2 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:44 5 172.23.9.10 v05126$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 1 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 4 172.23.9.10 v05126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.9.10 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 10 172.23.9.10 v05126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 3 172.18.57.135 - - authentication_failed DENIED "Technology/Internet;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp mtalk.google.com 443 / - - - 172.16.1.188 306 99 - "Google Talk" "none" 2017-12-15 16:19:44 7 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?beddaee9a2ad0aab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?beddaee9a2ad0aab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 4 172.23.4.134 v20074$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?beddaee9a2ad0aab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 1 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8ed1f6f80bd65aa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8ed1f6f80bd65aa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 4 172.23.1.213 v09002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8ed1f6f80bd65aa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 1 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7ce8d013abc5d06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 2 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7ce8d013abc5d06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:44 4 172.23.6.255 v20045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7ce8d013abc5d06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:45 7 172.23.9.206 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:19:45 1 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:45 2 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:45 3 172.23.8.178 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:45 1 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:45 38 172.23.9.206 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:19:45 3 172.23.9.206 p21006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:19:45 3 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:45 3 172.23.8.178 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:45 1 172.23.9.206 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:19:45 2 172.23.9.206 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:19:45 4 172.23.9.206 p21006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:19:45 1 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:45 2 172.23.8.178 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:45 3 172.23.8.178 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:19:45 1 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?31ad1c43f5fef4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:46 2 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?31ad1c43f5fef4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:46 4 172.23.0.234 v15029$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?31ad1c43f5fef4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:46 1 172.23.0.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d80a501d42e01a31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:46 2 172.23.0.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d80a501d42e01a31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:46 4 172.23.0.103 trainee08$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d80a501d42e01a31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:19:47 1 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d1f4a879113337c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:47 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d1f4a879113337c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:47 4 172.23.8.69 v05152$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d1f4a879113337c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:47 2 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:19:47 2 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:19:47 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:19:47 2 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:19:47 2 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:19:47 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:19:48 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:48 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:48 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:48 3 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 734 - "none" "none" 2017-12-15 16:19:48 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:48 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:48 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:48 5 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3142 - "none" "none" 2017-12-15 16:19:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:19:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:19:48 1 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:48 1 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:48 1 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:48 3 172.23.3.219 v10001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:48 4 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sippoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 162 - "Lync Online" "none" 2017-12-15 16:19:48 2 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:48 2 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:48 2 172.23.3.219 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:48 5 172.23.3.219 v10001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:48 3 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sippoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 251 - "Lync Online" "none" 2017-12-15 16:19:48 6 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:19:48 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:19:48 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:19:48 715 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:19:48 267 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp sippoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 5666 1400 - "Lync Online" "none" 2017-12-15 16:19:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sippoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 121 - "Lync Online" "none" 2017-12-15 16:19:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sippoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 210 - "Lync Online" "none" 2017-12-15 16:19:49 2 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:49 3 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:19:49 2 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:49 3 172.23.8.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:49 4 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:19:49 1 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:49 2 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:49 3 172.23.8.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:49 1 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:19:49 1 172.23.8.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:19:49 4 172.23.8.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:19:49 2 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb27a6a88160ac68 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:49 43 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:49 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:19:49 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef0b9e1d5f5d3be6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:49 2 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef0b9e1d5f5d3be6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:49 5 172.23.7.70 v20117$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef0b9e1d5f5d3be6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:19:50 2 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb27a6a88160ac68 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 4 172.23.6.233 v20022$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb27a6a88160ac68 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 1 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?732e827e0dd3b228 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?732e827e0dd3b228 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 4 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?732e827e0dd3b228 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 1 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?56c148e1554d6f84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?56c148e1554d6f84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 4 172.23.0.75 v20133$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?56c148e1554d6f84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:50 20 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp go.microsoft.com 443 / - - - 172.16.1.188 306 69 - "none" "none" 2017-12-15 16:19:50 39 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:50 39 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:50 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 305 83 - "none" "none" 2017-12-15 16:19:50 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:50 5 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp go.microsoft.com 443 / - - - 172.16.1.188 489 158 - "none" "none" 2017-12-15 16:19:50 8 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:50 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:50 5 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 488 172 - "none" "none" 2017-12-15 16:19:50 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:50 73 192.168.11.95 - - authentication_failed DENIED "o356;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp images.edge.messenger.live.com 443 / - - - 172.16.1.188 306 97 - "Windows Live Messenger" "none" 2017-12-15 16:19:50 4 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:50 7 192.168.11.95 - - authentication_failed DENIED "o356;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp images.edge.messenger.live.com 443 / - - - 172.16.1.188 489 186 - "Windows Live Messenger" "none" 2017-12-15 16:19:50 35 192.168.11.95 4060 BKI\Information%20Technology%20Group policy_denied DENIED "o356;Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp images.edge.messenger.live.com 443 / - - - 172.16.1.188 184 746 - "Windows Live Messenger" "none" 2017-12-15 16:19:50 215 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 10494 8014 - "none" "none" 2017-12-15 16:19:50 1 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 305 87 - "Office Online" "none" 2017-12-15 16:19:50 2 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 488 176 - "Office Online" "none" 2017-12-15 16:19:50 396 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp go.microsoft.com 443 / - - - 172.16.1.188 5509 1450 - "none" "none" 2017-12-15 16:19:50 363 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 5847 2118 - "Lync Online" "none" 2017-12-15 16:19:50 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:51 259 192.168.11.95 - - authentication_failed DENIED "o356;Informational;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp quicktips.skypeforbusiness.com 443 / - - - 172.16.1.188 489 186 - "Lync Online" "none" 2017-12-15 16:19:51 35 192.168.11.95 4060 BKI\Information%20Technology%20Group policy_denied DENIED "o356;Informational;Internet Telephony;Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp quicktips.skypeforbusiness.com 443 / - - - 172.16.1.188 184 746 - "Lync Online" "none" 2017-12-15 16:19:51 14 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:51 502 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 17464 7738 - "Office Online" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:51 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 305 83 - "none" "none" 2017-12-15 16:19:51 3 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 488 172 - "none" "none" 2017-12-15 16:19:51 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?03db0c163343c92d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:51 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?03db0c163343c92d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:51 4 172.23.9.233 vt100553$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?03db0c163343c92d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:51 278 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 10494 8014 - "none" "none" 2017-12-15 16:19:52 1 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 305 87 - "Office Online" "none" 2017-12-15 16:19:52 2 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 488 176 - "Office Online" "none" 2017-12-15 16:19:52 2190 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet;Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 4735 4889 - "none" "none" 2017-12-15 16:19:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:52 9 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED HEAD - http officecdn.microsoft.com 80 /pr/7ffbc6bf-bc32-4f92-8982-f9dd17fd3114/Office/Data/v64_16.0.8201.2209.cab - cab "OfficeClickToRun" 172.16.1.188 354 274 - "Office Online" "none" 2017-12-15 16:19:52 680 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 17544 7706 - "Office Online" "none" 2017-12-15 16:19:52 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:52 17 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED HEAD - http officecdn.microsoft.com 80 /pr/7ffbc6bf-bc32-4f92-8982-f9dd17fd3114/Office/Data/v64_16.0.8201.2209.cab - cab "OfficeClickToRun" 172.16.1.188 537 363 - "Office Online" "none" 2017-12-15 16:19:52 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:52 54 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 301 TCP_NC_MISS HEAD - http officecdn.microsoft.com 80 /pr/7ffbc6bf-bc32-4f92-8982-f9dd17fd3114/Office/Data/v64_16.0.8201.2209.cab - cab "OfficeClickToRun" 172.16.1.188 276 923 - "Office Online" "none" 2017-12-15 16:19:52 2 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:52 20 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Content Servers" - 200 TCP_NC_MISS HEAD application/octet-stream http officecdn.microsoft.com.edgesuite.net 80 /pr/7ffbc6bf-bc32-4f92-8982-f9dd17fd3114/Office/Data/v64_16.0.8201.2209.cab - cab "OfficeClickToRun" 172.16.1.188 363 266 - "Office Online" "none" 2017-12-15 16:19:52 1 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:52 6 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:52 5 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:52 5 172.23.5.21 v13003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:52 1 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_HIT GET application/octet-stream http officecdn.microsoft.com 80 /pr/7ffbc6bf-bc32-4f92-8982-f9dd17fd3114/Office/Data/v64_16.0.8201.2209.cab - cab "OfficeClickToRun" 172.16.1.188 17692 249 - "Office Online" "none" 2017-12-15 16:19:52 2 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:52 2 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:52 10 172.23.5.21 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:52 6 172.23.5.21 v13003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:53 1 172.23.9.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77bf55b01900f2be cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 2 172.23.9.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77bf55b01900f2be cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 1 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 5 172.23.9.136 testpool6$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77bf55b01900f2be cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 1 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 2 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 4 172.23.5.21 v13003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 2 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 3 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 2 172.23.5.21 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 7 172.23.5.21 v13003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:53 3 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 305 77 - "none" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 18 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 20 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1202 365 - "none" "none" 2017-12-15 16:19:53 11 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 11 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 3 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 488 166 - "none" "none" 2017-12-15 16:19:53 3 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:19:53 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 5 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 16 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 17 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1402 454 - "none" "none" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 1 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:53 2 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 2 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:53 4 172.23.8.218 v05089$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:53 2 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:53 43 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 2 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:53 3 172.23.8.218 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:53 5 172.23.8.218 v05089$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:53 234 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 3517 1563 - "none" "none" 2017-12-15 16:19:53 243 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 4370 1517 - "none" "none" 2017-12-15 16:19:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:53 5 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1402 428 - "none" "none" 2017-12-15 16:19:53 1 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 1 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:19:53 2 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:53 4 172.23.8.218 v05089$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 2 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 2 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 2 172.23.8.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 5 172.23.8.218 v05089$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:19:54 465 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS GET text/html;%20charset=UTF-8 http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 894 1050 - "none" "none" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 / - - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1402 425 - "none" "none" 2017-12-15 16:19:54 592 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6187 9870 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:54 610 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6187 9870 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 389 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS GET text/html;%20charset=UTF-8 http bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 816 1024 - "none" "none" 2017-12-15 16:19:54 349 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 6977 6897 - "none" "none" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 45 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED CONNECT - tcp bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 306 99 - "Office Online" "none" 2017-12-15 16:19:54 43 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED CONNECT - tcp autodiscover.bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 306 125 - "Office Online" "none" 2017-12-15 16:19:54 47 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED GET - http autodiscover.bkiconnect.mail.onmicrosoft.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1505 398 - "Office Online" "none" 2017-12-15 16:19:54 10 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED CONNECT - tcp bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 489 188 - "Office Online" "none" 2017-12-15 16:19:54 10 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED CONNECT - tcp autodiscover.bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 489 214 - "Office Online" "none" 2017-12-15 16:19:54 9 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Email" - 407 TCP_DENIED GET - http autodiscover.bkiconnect.mail.onmicrosoft.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1705 487 - "Office Online" "none" 2017-12-15 16:19:54 1 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:19:54 34 192.168.11.95 4060 BKI\Information%20Technology%20Group tcp_error DENIED "Whitelist;o356;Email" - 503 TCP_ERR_MISS CONNECT - tcp bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 185 748 - "Office Online" "none" 2017-12-15 16:19:54 367 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_NC_MISS GET text/html;%20charset=UTF-8 http autodiscover.bangkokinsurance.com 80 / - - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 0 1021 - "none" "none" 2017-12-15 16:19:54 98 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Whitelist;o356;Email" - 302 TCP_NC_MISS GET - http autodiscover.bkiconnect.mail.onmicrosoft.com 80 /autodiscover/autodiscover.xml - xml "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 419 1083 - "Office Online" "none" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 1018 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 35871 9870 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 29 192.168.11.95 - - authentication_failed DENIED "O365_set2;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 489 178 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 1131 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 9555 9870 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 1 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:54 2 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:54 2 172.23.9.220 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c43e2849fbd09447 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 3 172.23.9.220 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c43e2849fbd09447 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 2 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:54 4 172.23.9.220 p06044$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c43e2849fbd09447 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:19:54 5 172.23.7.241 v16067$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:54 2 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:54 3 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:54 2 172.23.7.241 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:54 5 172.23.7.241 v16067$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:54 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:54 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 2 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 4 172.23.7.241 v16067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 2 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 2 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 2 172.23.7.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 5 172.23.7.241 v16067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed DENIED "O365_set2;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 306 89 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 469 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "O365_set2;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 4598 1512 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 6 192.168.11.95 - - authentication_failed DENIED "O365_set2;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 489 178 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:55 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:55 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:19:55 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:19:55 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:55 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:19:55 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:19:55 5 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:19:55 415 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6730 11454 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 30504 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33ld.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 39 903 - "YouTube" "none" 2017-12-15 16:19:55 1 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33ld.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:19:55 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33ld.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:19:55 462 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "O365_set2;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 4598 1512 - "Office 365 Exchange" "none" 2017-12-15 16:19:55 1 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dde51a587877bfa2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 3 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dde51a587877bfa2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 5 172.23.0.175 clone-win7$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dde51a587877bfa2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:19:55 5220 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 36172 2102 - "Lync Online" "none" 2017-12-15 16:19:55 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 305 83 - "none" "none" 2017-12-15 16:19:55 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 488 172 - "none" "none" 2017-12-15 16:19:55 1 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0ef0931a294471 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 2 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0ef0931a294471 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 5 172.23.8.140 v12067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0ef0931a294471 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 210 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp fs.bangkokinsurance.com 443 / - - - 172.16.1.188 10494 8014 - "none" "none" 2017-12-15 16:19:56 1 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 305 87 - "Office Online" "none" 2017-12-15 16:19:56 5001 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 24620 2118 - "Lync Online" "none" 2017-12-15 16:19:56 2 192.168.11.95 - - authentication_failed PROXIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 488 176 - "Office Online" "none" 2017-12-15 16:19:56 534 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp login.microsoftonline.com 443 / - - - 172.16.1.188 17496 7754 - "Office Online" "none" 2017-12-15 16:19:56 1 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:56 1 192.168.11.95 - - authentication_failed DENIED "O365_set2;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 306 89 - "Office 365 Exchange" "none" 2017-12-15 16:19:56 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:56 2 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 4 172.23.10.142 v11059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 2 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 2 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 3 172.23.10.142 v11059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 11 192.168.11.95 - - authentication_failed DENIED "O365_set2;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 489 178 - "Office 365 Exchange" "none" 2017-12-15 16:19:56 1 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 1 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 3 172.23.10.142 v11059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 1 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 2 172.23.10.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 4 172.23.10.142 v11059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:56 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:19:57 1 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:57 1 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:57 2 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:57 5 172.23.9.0 v05115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:57 2 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:57 3 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:19:57 2 172.23.9.0 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:57 6 172.23.9.0 v05115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:19:57 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:19:57 834 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "O365_set2;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp autodiscover-s.outlook.com 443 / - - - 172.16.1.188 8267 10893 - "Office 365 Exchange" "none" 2017-12-15 16:19:57 1 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:57 1 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:19:57 2 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:19:57 4 172.23.8.249 v05107$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:19:57 5 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:19:57 7 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:19:57 3 172.23.8.249 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:19:57 7 172.23.8.249 v05107$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23904 - "none" "none" 2017-12-15 16:19:57 1 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:57 1 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:19:57 2 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:19:57 4 172.23.8.249 v05107$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:19:57 2 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:19:57 1 172.23.7.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:19:57 3 172.23.7.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:19:57 4 172.23.7.248 p02037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:19:57 1 172.23.7.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:19:57 3 172.23.7.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:19:57 4 172.23.7.248 p02037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:19:58 8441 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1605 3079 - "Facebook" "none" 2017-12-15 16:19:58 2 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:19:58 3 172.23.8.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:19:58 5 172.23.8.249 v05107$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 56160 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Internet Telephony;Chat (IM)/SMS" - 200 TCP_TUNNELED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 8616 172658 - "Lync Online" "none" 2017-12-15 16:19:59 1 172.23.8.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eaba56a96db2aaae cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 4 172.23.8.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eaba56a96db2aaae cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 5 172.23.8.1 p02032$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eaba56a96db2aaae cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 1 172.23.8.53 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db2dcd23eb9049ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 2 172.23.8.53 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db2dcd23eb9049ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 5 172.23.8.53 v01016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db2dcd23eb9049ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:19:59 760404 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips;Content Servers" - 200 TCP_TUNNELED CONNECT - tcp i9.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 884075 3964 - "YouTube" "none" 2017-12-15 16:19:59 8 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips;Content Servers" - 407 TCP_DENIED CONNECT - tcp i9.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 206 - "YouTube" "none" 2017-12-15 16:19:59 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips;Content Servers" - 407 TCP_DENIED CONNECT - tcp i9.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 295 - "YouTube" "none" 2017-12-15 16:20:00 1 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8296c04d7750dc3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8296c04d7750dc3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 6 172.23.3.218 v01003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8296c04d7750dc3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 1 172.23.8.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 2 172.23.8.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 5 172.23.8.92 v10034$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 1 172.23.8.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 1 172.23.8.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 4 172.23.8.92 v10034$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:00 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:20:00 6209 192.168.11.95 4060 BKI\Information%20Technology%20Group tcp_error DENIED "Whitelist;o356;Email" - 503 TCP_ERR_MISS CONNECT - tcp autodiscover.bkiconnect.mail.onmicrosoft.com 443 / - - - 172.16.1.188 0 774 - "Office Online" "none" 2017-12-15 16:20:01 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:01 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:01 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:01 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:01 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:01 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:01 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:01 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:02 4 172.23.8.203 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?619519711234b5db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:02 2 172.23.8.203 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?619519711234b5db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:02 5 172.23.8.203 v05071$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?619519711234b5db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:02 1 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:20:02 2 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 489 237 - "none" "none" 2017-12-15 16:20:02 5 172.18.35.154 c1017 BKI\Div_South%20Region%20Group policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 184 797 - "none" "none" 2017-12-15 16:20:02 1 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:20:02 2 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 489 237 - "none" "none" 2017-12-15 16:20:02 5 172.18.35.154 c1017 BKI\Div_South%20Region%20Group policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 184 797 - "none" "none" 2017-12-15 16:20:02 7 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 239 - "none" "none" 2017-12-15 16:20:02 1 172.18.35.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 328 - "none" "none" 2017-12-15 16:20:02 4 172.18.35.154 c1017 BKI\Div_South%20Region%20Group policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 888 - "none" "none" 2017-12-15 16:20:02 7 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 306 166 - "Lync Online" "none" 2017-12-15 16:20:02 3 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 489 255 - "Lync Online" "none" 2017-12-15 16:20:03 1 172.23.9.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57fb1ee0af8cf8a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:03 2 172.23.9.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57fb1ee0af8cf8a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:03 5 172.23.9.34 v05141$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57fb1ee0af8cf8a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:05 1 172.23.5.33 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:05 2 172.23.5.33 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:05 3 172.23.5.33 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:05 1 172.23.5.33 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:05 2 172.23.5.33 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:05 10 172.23.5.33 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:05 2 172.23.10.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e5ce0308f82a2088 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:05 3 172.23.10.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e5ce0308f82a2088 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:05 5 172.23.10.32 bcpfb009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e5ce0308f82a2088 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 10615 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33ld.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 190 1661 - "YouTube" "none" 2017-12-15 16:20:06 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:20:06 1 172.23.9.16 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d0c81b6a2ba4b48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 3 172.23.9.16 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d0c81b6a2ba4b48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 4 172.23.9.16 v05130$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d0c81b6a2ba4b48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 1 172.23.8.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1f95b6d44fc08bd4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 2 172.23.8.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1f95b6d44fc08bd4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:06 5 172.23.8.34 v11035$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1f95b6d44fc08bd4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:20:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:20:07 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1202 790 - "none" "none" 2017-12-15 16:20:07 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1402 835 - "none" "none" 2017-12-15 16:20:07 37 172.20.2.39 webex BKI\VIP_Int - PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 200 TCP_NC_MISS POST text/plain;%20charset=utf-8 http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 2200 1439 - "none" "none" 2017-12-15 16:20:07 7 172.23.7.206 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 252 - "none" "none" 2017-12-15 16:20:07 5 172.23.7.206 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 341 - "none" "none" 2017-12-15 16:20:07 7 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:20:07 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:20:07 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:20:07 665 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:20:08 1 172.23.10.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?afeec7b3838ed61d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 2 172.23.10.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?afeec7b3838ed61d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 3 172.23.10.191 bcpmc005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?afeec7b3838ed61d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 1 172.23.5.49 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 317 - "none" "none" 2017-12-15 16:20:08 2 172.23.5.49 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 406 - "none" "none" 2017-12-15 16:20:08 2 172.23.5.236 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 2 172.23.5.236 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 4 172.23.5.236 v14019$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 2 172.23.5.236 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 1 172.23.5.236 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 3 172.23.5.236 v14019$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 2 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b5384ad529081910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 2 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b5384ad529081910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:08 5 172.23.9.249 bcpat012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b5384ad529081910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 1 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?25bcd91f52e86811 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 2 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?25bcd91f52e86811 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 5 172.23.8.134 v10-mc09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?25bcd91f52e86811 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 1 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f05151ec23fd014f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 2 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f05151ec23fd014f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 5 172.23.8.134 v10-mc09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f05151ec23fd014f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 2 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe5d5ce39c052c6d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 2 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe5d5ce39c052c6d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 4 172.23.10.154 bcpab008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe5d5ce39c052c6d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:20:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:20:09 1 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?73fc7dc75a97c64e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:10 2 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?73fc7dc75a97c64e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:10 5 172.23.8.45 v11003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?73fc7dc75a97c64e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:10 18746 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6443 2904 - "Office 365 Exchange" "none" 2017-12-15 16:20:10 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:20:10 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:20:10 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:20:10 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:20:10 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:20:10 724 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:20:10 1759 172.23.5.49 4077 BKI\Internet%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 3438 2579 - "none" "none" 2017-12-15 16:20:12 2 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b8948cd14dd3eda cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:12 3 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b8948cd14dd3eda cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:12 4 172.23.9.199 p14031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b8948cd14dd3eda cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:20:12 7 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:20:12 2 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:20:12 2 172.23.9.199 p14031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:20:12 1 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:20:12 2 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:20:12 4 172.23.9.199 p14031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:20:13 1 172.16.1.4 sms - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http crm.bki.co.th 80 /BKICrmClaimService/CrmClaimServiceRef.asmx - asmx "Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.3053)" 172.16.1.188 1227 725 - "none" "none" 2017-12-15 16:20:13 1 172.16.1.4 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http crm.bki.co.th 80 /BKICrmClaimService/CrmClaimServiceRef.asmx - asmx "Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.3053)" 172.16.1.188 1402 393 - "none" "none" 2017-12-15 16:20:13 3 172.16.1.4 sms - configuration_error PROXIED "Financial Services" - 403 TCP_DENIED POST - http crm.bki.co.th 80 /BKICrmClaimService/CrmClaimServiceRef.asmx - asmx "Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.3053)" 172.16.1.188 897 974 - "none" "none" 2017-12-15 16:20:13 1 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:13 1 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:13 3 172.23.0.234 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4aebc27f82a7d583 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 1 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4aebc27f82a7d583 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 4 172.23.8.243 v05148$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4aebc27f82a7d583 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 1 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c54d1078ee0b4929 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 3 172.23.0.234 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:13 1 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c54d1078ee0b4929 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 4 172.23.8.243 v05148$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c54d1078ee0b4929 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 2 172.23.0.234 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:13 3 172.23.0.234 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:13 1 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:13 2 172.23.0.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?092666cd82549b11 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 1 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:13 3 172.23.0.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?092666cd82549b11 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 4 172.23.0.92 v19005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?092666cd82549b11 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:13 1 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:13 3 172.23.0.156 v23001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:13 3 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:13 2 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:13 2 172.23.0.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:13 5 172.23.0.156 v23001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:13 2 172.16.4.237 - - authentication_failed DENIED "Business/Economy" - 407 TCP_DENIED CONNECT - tcp bki.driveprofiler.net 443 / - - - 172.16.1.188 489 164 - "none" "none" 2017-12-15 16:20:14 1 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 131 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.10.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df68ba73fa78ce61 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 1 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.10.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df68ba73fa78ce61 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 1 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:20:14 4 172.23.10.34 lg015$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df68ba73fa78ce61 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 922 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 3 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 3 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:20:14 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 6 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:20:14 2 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 1 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 5 172.23.8.180 v05046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 1 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.8.180 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f80eb8b9a6e1970 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f80eb8b9a6e1970 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 5 172.23.1.213 v09002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f80eb8b9a6e1970 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b19f26ebab31f473 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 2 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b19f26ebab31f473 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:14 5 172.23.6.255 v20045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b19f26ebab31f473 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:20:15 1 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:20:15 2 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:20:15 53 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1492 1472 - "none" "none" 2017-12-15 16:20:15 1 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:20:15 1 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:20:15 1 172.23.8.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa9437270d03e357 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 2 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:20:15 2 172.23.8.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa9437270d03e357 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 5 172.23.8.182 v05047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa9437270d03e357 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 34 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1004 2682 - "none" "none" 2017-12-15 16:20:15 2 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:15 2 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:15 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:20:15 1 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:15 1 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:15 3 172.23.8.180 v05046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:20:15 1 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?12ab7cba9f8e0513 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 2 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?12ab7cba9f8e0513 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:15 4 172.23.0.137 lcstest01$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?12ab7cba9f8e0513 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:20:16 85 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1071 103595 - "none" "none" 2017-12-15 16:20:16 18 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1071 103197 - "none" "none" 2017-12-15 16:20:16 3 172.30.14.186 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:20:16 39 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1247 - "none" "none" 2017-12-15 16:20:16 3 172.30.14.186 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:20:16 9 172.30.14.186 4309 BKI\Div_East%20Region%20Group policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 892 - "none" "none" 2017-12-15 16:20:16 1 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:20:16 2 172.23.0.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:20:16 43 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:20:16 1 172.23.0.72 v20140$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:20:17 14387 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Internet Telephony;Chat (IM)/SMS" - 200 TCP_TUNNELED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 7556 9430 - "Lync Online" "none" 2017-12-15 16:20:17 25 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:20:17 1 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:20:17 1 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.166 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:20:17 4 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.166 v07010$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:20:17 3 172.23.0.141 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:17 1 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:17 4 172.23.0.141 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:17 1 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:17 4 172.23.0.141 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:17 1 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:17 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:17 3 172.23.0.141 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:17 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:17 2 172.23.0.141 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:17 3 172.23.0.141 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:17 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:20:17 13 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:20:17 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:17 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:17 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:20:17 3 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:20:18 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5d6c36560819e23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 2 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5d6c36560819e23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 4 172.23.7.19 v20081$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5d6c36560819e23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 2 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3fdb026bf0c75677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 2 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3fdb026bf0c75677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 4 172.23.9.133 v10059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3fdb026bf0c75677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 2 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25b85afef5cc0461 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 2 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25b85afef5cc0461 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:18 3 172.23.8.252 v05110$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25b85afef5cc0461 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 1 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 353 200 - "none" "none" 2017-12-15 16:20:19 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 536 325 - "none" "none" 2017-12-15 16:20:19 4 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 326 893 - "none" "none" 2017-12-15 16:20:19 1 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 353 219 - "none" "none" 2017-12-15 16:20:19 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 536 344 - "none" "none" 2017-12-15 16:20:19 22 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151620 cab "Windows-Update-Agent" 172.16.1.188 327 912 - "none" "none" 2017-12-15 16:20:19 2 172.23.8.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4d78b05901068ec cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 2 172.23.8.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4d78b05901068ec cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 4 172.23.8.234 v20013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4d78b05901068ec cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:19 1 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:19 1 172.18.35.156 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:20:19 2 172.23.8.145 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29ed4242f967d4c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:19 2 172.23.8.145 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29ed4242f967d4c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 4 172.23.5.22 v13004$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:19 6 172.23.8.145 v10-mc19$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29ed4242f967d4c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:19 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:19 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:19 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:19 4 172.23.5.22 v13004$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:19 2 172.18.35.156 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:20:19 5 172.18.35.156 c1029 BKI\Div_North%20East%20Region%20Group policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:20:20 2 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:20:20 2 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:20:20 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:20:20 1 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:20 1 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:20 2 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:20 4 172.23.5.159 v12049$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:20 2 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:20 3 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:20 2 172.23.5.159 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:20 4 172.23.5.159 v12049$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:20 4 172.23.5.159 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:20:20 2 172.23.5.159 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:20:20 8 172.23.5.159 v12049$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:20:20 27072 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 17153 20456 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25831 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 16605 32722 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25845 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7183 10830 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25834 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 73591 21720 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25848 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6634 10654 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25835 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7183 10830 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 29498 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 63434 75018 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25850 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7300 10558 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 25837 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6634 10654 - "Office 365 Exchange" "none" 2017-12-15 16:20:20 28092 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 11703 10806 - "Lync Online" "none" 2017-12-15 16:20:20 27535 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 7996 11632 - "Lync Online" "none" 2017-12-15 16:20:20 27530 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 6775 6294 - "Lync Online" "none" 2017-12-15 16:20:20 27537 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp webpoolsg20f03.infra.lync.com 443 / - - - 172.16.1.188 9463 6278 - "Lync Online" "none" 2017-12-15 16:20:21 1 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:21 1 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:21 2 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:21 4 172.23.4.207 v16011$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:21 2 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:21 3 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:21 3 172.23.4.207 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:21 5 172.23.4.207 v16011$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:21 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bd2c4e0164d991a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:21 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bd2c4e0164d991a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:21 5 172.23.9.233 vt100553$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bd2c4e0164d991a8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 1 172.23.8.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 1 172.23.8.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 3 172.23.8.63 v13059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 1 172.23.8.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 2 172.23.8.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 4 172.23.8.63 v13059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 2 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:20:22 2 172.23.0.72 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:20:22 5 172.23.0.72 v20140$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:20:22 2 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?508b4207d9a0a12d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 2 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?508b4207d9a0a12d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 4 172.23.9.119 v20126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?508b4207d9a0a12d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 1 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9995fbc1596a3e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 2 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9995fbc1596a3e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 4 172.23.9.119 v20126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9995fbc1596a3e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:22 1 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:20:22 1 172.23.0.166 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:20:22 4 172.23.0.166 v07010$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:20:22 1 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 892 - "none" "none" 2017-12-15 16:20:22 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:20:22 20 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1585 - "none" "none" 2017-12-15 16:20:22 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2239 - "none" "none" 2017-12-15 16:20:22 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:20:23 28 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1005 2932 - "none" "none" 2017-12-15 16:20:23 1 172.23.10.183 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?defc57acf8b60db5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 2 172.23.10.183 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?defc57acf8b60db5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 5 172.23.10.183 bcpbv003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?defc57acf8b60db5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 57 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:20:23 69 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:20:23 57 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:20:23 68 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:20:23 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:20:23 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:20:23 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:20:23 4 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:20:23 138335 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33ld.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 36219772 38544 - "YouTube" "none" 2017-12-15 16:20:23 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:23 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:23 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:23 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:23 1 172.23.0.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d1f3a58d767c2451 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 1 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:23 2 172.23.0.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d1f3a58d767c2451 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:23 5 172.23.0.160 v07005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d1f3a58d767c2451 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:23 3 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:23 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:23 3 172.23.7.139 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:23 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:23 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:23 1 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:23 2 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:23 3 172.23.7.139 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:23 1 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:23 2 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:23 4 172.23.7.139 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:23 1 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:23 2 172.23.7.139 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:23 3 172.23.7.139 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:24 98 172.16.4.239 - - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http www.bangkokinsurance.com 80 /EMCS_Data_Survey_Ex/EMCS_Data_Esurv_Ex.asmx - asmx "Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.8009)" 172.16.1.188 707 4265 - "none" "none" 2017-12-15 16:20:24 61 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1076 75030 - "none" "none" 2017-12-15 16:20:24 23 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1079 92130 - "none" "none" 2017-12-15 16:20:25 109687 172.23.4.245 3018 BKI\Internet%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 9615 1984 - "none" "none" 2017-12-15 16:20:25 2 172.23.8.250 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d79808db86361ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:25 2 172.23.8.250 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d79808db86361ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:25 5 172.23.8.250 v05108$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d79808db86361ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:26 1 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0404dcd3c5a4248b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:26 2 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0404dcd3c5a4248b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:26 4 172.23.8.140 v12067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0404dcd3c5a4248b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 4 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 4 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.8.190 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.8.190 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:26 3 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:26 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:26 2 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:27 3 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:27 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:27 2 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:27 3 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:27 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:27 2 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:27 3 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:27 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:27 2 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:27 4 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:27 1 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:27 2 172.23.7.160 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:27 3 172.23.7.160 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:20:27 1 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 1 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 4 172.23.5.33 v13009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 5 172.23.5.33 v13009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 1 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 4 172.23.5.33 v13009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 1 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.5.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 4 172.23.5.33 v13009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.0.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dab53ac0737119e9 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 2 172.23.0.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dab53ac0737119e9 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 4 172.23.0.244 v24075$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dab53ac0737119e9 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:20:27 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:20:28 1 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 3 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 5 172.23.9.168 v13063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 2 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 2 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 4 172.23.9.168 v13063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:28 5 172.23.9.168 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:20:28 2 172.23.9.168 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:20:28 20 172.23.9.168 v13063$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27964 - "none" "none" 2017-12-15 16:20:29 93 172.30.28.103 - - authentication_failed DENIED "Whitelist;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http www.msftncsi.com 80 /ncsi.txt - txt "Microsoft NCSI" 172.16.1.188 1478 120 - "none" "none" 2017-12-15 16:20:29 2 172.30.28.103 - - authentication_failed DENIED "Whitelist;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http www.msftncsi.com 80 /ncsi.txt - txt "Microsoft NCSI" 172.16.1.188 1678 226 - "none" "none" 2017-12-15 16:20:29 18 172.30.28.103 a58001-cri$ - policy_denied DENIED "Whitelist;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http www.msftncsi.com 80 /ncsi.txt - txt "Microsoft NCSI" 172.16.1.188 1091 829 - "none" "none" 2017-12-15 16:20:29 1 172.23.8.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 2 172.23.8.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 4 172.23.8.194 v05063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 1 172.23.8.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 1 172.23.8.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 4 172.23.8.194 v05063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:29 4 172.23.8.194 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:20:29 2 172.23.8.194 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:20:29 19 172.23.8.194 v05063$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27964 - "none" "none" 2017-12-15 16:20:30 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 306 166 - "Lync Online" "none" 2017-12-15 16:20:30 3 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 489 255 - "Lync Online" "none" 2017-12-15 16:20:30 1 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30d217f21571087a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:30 2 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30d217f21571087a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:30 5 172.23.10.196 bcppb001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30d217f21571087a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:30 1 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:30 1 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:30 2 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:30 4 172.23.9.41 v21002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:30 2 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:30 3 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:30 2 172.23.9.41 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:30 4 172.23.9.41 v21002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:31 1 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 1 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 1 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 4 172.23.9.41 v21002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 3 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 2 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 2 172.23.9.41 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 5 172.23.9.41 v21002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:20:31 109 172.23.9.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:20:31 4 172.23.9.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:20:31 4 172.23.9.186 p13049$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:20:31 1 172.23.9.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:20:31 2 172.23.9.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:20:31 5 172.23.9.186 p13049$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:20:34 1 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?72b39e628ffe62db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:34 2 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?72b39e628ffe62db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:34 5 172.23.8.154 v10-mc26$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?72b39e628ffe62db cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:35 1 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:35 1 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:35 2 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:35 4 172.23.10.156 bcpab007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:20:35 2 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:20:35 2 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:20:35 2 172.23.10.156 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:35 5 172.23.10.156 bcpab007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3132 - "none" "none" 2017-12-15 16:20:35 4 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17d46af4b47df158 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:35 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17d46af4b47df158 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:35 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17d46af4b47df158 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:36 37 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513354836 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1506 480 - "none" "none" 2017-12-15 16:20:36 1 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513354836 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1506 480 - "none" "none" 2017-12-15 16:20:36 2 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f3f04616120ecec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 2 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513354836 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1706 569 - "none" "none" 2017-12-15 16:20:37 2 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f3f04616120ecec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 4 172.23.9.70 vt100525$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f3f04616120ecec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 1 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 2 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 4 172.23.7.32 v20096$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 2 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 2 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 4 172.23.7.32 v20096$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 1 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f5680f7bf07bed6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 2 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f5680f7bf07bed6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 5 172.23.7.148 v10010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f5680f7bf07bed6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:37 435 172.16.53.21 monitor BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_NC_MISS GET text/plain;%20charset=UTF-8 http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513354836 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 294 1149 - "none" "none" 2017-12-15 16:20:38 1 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8596af5c70d7118f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8596af5c70d7118f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8596af5c70d7118f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 37 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:20:38 11 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:20:38 1 172.23.10.185 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 1 172.23.10.185 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 3 172.23.10.185 bcpto001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 1 172.23.10.185 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 2 172.23.10.185 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 3 172.23.10.185 bcpto001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:20:38 5 172.23.10.185 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27452 - "none" "none" 2017-12-15 16:20:38 2 172.23.10.185 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:20:38 41 172.23.10.185 bcpto001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 28153 - "none" "none" 2017-12-15 16:20:39 1 172.16.55.15 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28be1cb947bf4eeb cab "Microsoft-CryptoAPI/6.2" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.16.55.15 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28be1cb947bf4eeb cab "Microsoft-CryptoAPI/6.2" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 6 172.16.55.15 bpmdb01-dev$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28be1cb947bf4eeb cab "Microsoft-CryptoAPI/6.2" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d9402b2ff149231 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d9402b2ff149231 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 4 172.23.10.65 bcpmc012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d9402b2ff149231 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?67a7a30ae50bbe7f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?67a7a30ae50bbe7f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 4 172.23.9.135 testpool5$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?67a7a30ae50bbe7f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 1 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dca19a8ad4f09f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dca19a8ad4f09f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 5 172.23.10.154 bcpab008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dca19a8ad4f09f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 1 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45ae8e0b9b878c88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45ae8e0b9b878c88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 5 172.23.9.60 vt100513$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45ae8e0b9b878c88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:20:39 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:20:39 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:20:39 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:20:40 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 2 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 2 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 2 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 2 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:40 1 172.23.8.159 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:40 3 172.23.8.159 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:41 3 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce0cca04b8b38f96 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:41 2 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce0cca04b8b38f96 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:41 4 172.23.7.200 v16033$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce0cca04b8b38f96 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 1 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:42 1 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:42 4 172.23.6.3 v14045$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:42 5 172.23.6.3 v14045$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3137 - "none" "none" 2017-12-15 16:20:42 96 172.23.9.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0e5ae54651bb89d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.9.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0e5ae54651bb89d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 4 172.23.9.72 vt100505$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0e5ae54651bb89d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d3b62411fa95ff2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 1 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d3b62411fa95ff2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 5 172.23.9.199 p14031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d3b62411fa95ff2 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 5 172.23.6.3 v14045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 3 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 2 172.23.6.3 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:20:42 5 172.23.6.3 v14045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:20:43 1 172.23.7.227 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5b66f0c1712a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:43 2 172.23.7.227 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5b66f0c1712a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:43 4 172.23.7.227 v16052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5b66f0c1712a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 1 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3e88a1572f5629c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 2 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3e88a1572f5629c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 4 172.23.4.134 v20074$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3e88a1572f5629c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 1 172.23.8.158 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f7c71bbf0d61c0d5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 2 172.23.8.158 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f7c71bbf0d61c0d5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:44 5 172.23.8.158 v10-mc35$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f7c71bbf0d61c0d5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 1 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f8da123b09b0348 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 2 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f8da123b09b0348 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 4 172.23.0.137 lcstest01$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8f8da123b09b0348 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab396f23319fca6a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab396f23319fca6a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:45 4 172.23.8.187 v05052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab396f23319fca6a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:46 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:46 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:20:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:20:46 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:20:46 38 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:20:46 1 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:20:46 2 172.23.8.180 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:20:46 23 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:20:46 2 172.23.8.180 v05046$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151620 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:20:47 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:20:48 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:20:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:20:48 1 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:48 1 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:48 2 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:48 4 172.23.5.88 v13045$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:48 2 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:48 2 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:20:48 2 172.23.5.88 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:48 5 172.23.5.88 v13045$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:20:48 4 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:20:48 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:20:48 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:20:48 692 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:20:48 93 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c4041a7fb8923ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 26 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dddb3f02c818a5d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 17 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9dee9e74d16bfa19 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 2 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c4041a7fb8923ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 2 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9dee9e74d16bfa19 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 3 172.23.9.5 v05119$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c4041a7fb8923ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 5 172.23.8.252 v05110$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9dee9e74d16bfa19 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:48 2 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dddb3f02c818a5d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:49 4 172.23.9.133 v10059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dddb3f02c818a5d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 3 172.23.5.238 - - authentication_failed DENIED "Technology/Internet;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp mtalk.google.com 443 / - - - 172.16.1.188 306 99 - "Google Talk" "none" 2017-12-15 16:20:50 1 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efbd73b9a3c3f8ce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 2 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efbd73b9a3c3f8ce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 4 172.23.6.233 v20022$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efbd73b9a3c3f8ce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3ec4a3f26548ac84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 35 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 306 99 - "Office Online" "none" 2017-12-15 16:20:50 40 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 306 97 - "Office Online" "none" 2017-12-15 16:20:50 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3ec4a3f26548ac84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 4 172.23.0.75 v20133$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3ec4a3f26548ac84 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:50 3 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 489 188 - "Office Online" "none" 2017-12-15 16:20:50 4 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 489 186 - "Office Online" "none" 2017-12-15 16:20:50 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:20:50 115 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:20:50 5 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:20:50 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:20:50 1 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:50 2 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:51 3 172.23.9.71 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:51 1 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:51 1 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:51 3 172.23.9.71 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:20:51 1 172.23.8.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:51 6 172.23.8.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:51 4 172.23.8.200 v05068$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:51 1 172.23.8.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:51 1 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:20:51 5 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:20:51 6 172.23.8.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:51 4 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151620 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:20:51 5 172.23.8.200 v05068$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:52 1 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:20:52 1 172.23.8.180 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:20:52 4 172.23.8.180 v05046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:20:52 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:52 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:52 3 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:52 4 172.23.8.200 v05068$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:20:52 1 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 1645 - "none" "none" 2017-12-15 16:20:52 2 172.23.9.135 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 500 - "none" "none" 2017-12-15 16:20:52 10 172.23.9.135 testpool5$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1685 2338 - "none" "none" 2017-12-15 16:20:53 1 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:20:53 23 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1485 1472 - "none" "none" 2017-12-15 16:20:53 1 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:20:53 39 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1002 2682 - "none" "none" 2017-12-15 16:20:53 2 172.23.6.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff6abbb33cd1fe88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:53 2 172.23.6.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff6abbb33cd1fe88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:53 4 172.23.6.134 v15050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff6abbb33cd1fe88 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:20:53 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:53 4 172.23.8.200 v05068$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:20:53 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:20:53 4 172.23.8.200 v05068$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:20:53 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:20:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:20:54 184 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1082 103594 - "none" "none" 2017-12-15 16:20:54 49 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1083 113339 - "none" "none" 2017-12-15 16:20:55 1 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a747b9eac5a417a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:55 3 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a747b9eac5a417a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:55 4 172.23.0.175 clone-win7$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a747b9eac5a417a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:20:56 110031 172.23.8.35 3113 BKI\VIP_Int - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 9829 2526 - "none" "none" 2017-12-15 16:20:57 33653 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 116580 2889 - "YouTube" "none" 2017-12-15 16:20:57 33651 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 406 2113 - "YouTube" "none" 2017-12-15 16:20:57 68 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r8---sn-q0c7dn7k.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 246 - "YouTube" "none" 2017-12-15 16:20:57 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r8---sn-q0c7dn7k.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 335 - "YouTube" "none" 2017-12-15 16:20:57 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:20:57 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:20:57 3 172.23.8.200 v05068$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:20:57 1 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:57 1 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:20:57 2 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:20:57 4 172.23.9.43 bcpbb002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:20:57 2 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2372 - "none" "none" 2017-12-15 16:20:57 2 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2372 - "none" "none" 2017-12-15 16:20:57 2 172.23.9.43 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:20:57 6 172.23.9.43 bcpbb002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3073 - "none" "none" 2017-12-15 16:20:58 7340 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1604 3079 - "Facebook" "none" 2017-12-15 16:20:59 1929 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r8---sn-q0c7dn7k.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 11287 2290 - "YouTube" "none" 2017-12-15 16:20:59 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 4 172.23.3.218 v01003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 1 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 4 172.23.3.218 v01003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 4 172.23.3.218 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27237 - "none" "none" 2017-12-15 16:20:59 2 172.23.3.218 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:20:59 13 172.23.3.218 v01003$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27926 - "none" "none" 2017-12-15 16:20:59 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f07cfc7bd026d2fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f07cfc7bd026d2fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:20:59 5 172.23.9.99 vt70116$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f07cfc7bd026d2fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 2 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ebb236523ff9141 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 2 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ebb236523ff9141 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 4 172.23.8.181 v05050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ebb236523ff9141 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?211fef23b8344bc9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 2 172.23.3.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?211fef23b8344bc9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:00 5 172.23.3.218 v01003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?211fef23b8344bc9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:01 1 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:01 1 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:01 2 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:01 4 172.23.9.71 vt100524$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:21:01 2 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:21:01 2 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:21:01 2 172.23.9.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:01 6 172.23.9.71 vt100524$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3148 - "none" "none" 2017-12-15 16:21:01 1 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:21:01 1 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 489 268 - "none" "none" 2017-12-15 16:21:02 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:02 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:02 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:02 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:02 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:02 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:02 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:02 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:02 3 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf528bfc27ae77f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 3 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf528bfc27ae77f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 5 172.23.7.253 p02035$ - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf528bfc27ae77f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1551 914 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 1 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?74c7239e8e8efc98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 2 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?74c7239e8e8efc98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 4 172.23.0.165 v07009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?74c7239e8e8efc98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:02 92 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:21:02 3 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:21:02 4 172.23.7.253 p02035$ - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1505 862 - "none" "none" 2017-12-15 16:21:02 1 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:21:02 2 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:21:03 4 172.23.7.253 p02035$ - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1511 868 - "none" "none" 2017-12-15 16:21:03 1 172.23.8.120 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 2 172.23.8.120 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 4 172.23.8.120 v10-cc02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 1 172.23.8.120 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 2 172.23.8.120 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 4 172.23.8.120 v10-cc02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:03 4 172.23.8.120 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27164 - "none" "none" 2017-12-15 16:21:03 2 172.23.8.120 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:21:03 8 172.23.8.120 v10-cc02$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27865 - "none" "none" 2017-12-15 16:21:05 2 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:05 1 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:05 2 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:05 4 172.23.8.68 v12066$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:06 2 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:06 2 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:06 2 172.23.8.68 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:06 4 172.23.8.68 v12066$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:21:06 2 172.23.6.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0009bcae81bf5019 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 3 172.23.6.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0009bcae81bf5019 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 4 172.23.6.165 v15060$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0009bcae81bf5019 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 1 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 2 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 5 172.23.10.23 bcpfb007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 1 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 2 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:06 5 172.23.10.23 bcpfb007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:21:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:21:07 91 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:21:07 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:21:07 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:21:07 754 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:21:08 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6c288d15dea3cc23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.10.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5504c788ea0ed87d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 3 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6c288d15dea3cc23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6c288d15dea3cc23 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 924 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 3 172.23.10.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5504c788ea0ed87d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?236540efc2ba238a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.10.191 bcpmc005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5504c788ea0ed87d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?236540efc2ba238a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?236540efc2ba238a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:08 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:08 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:08 2 172.23.5.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ba7fcdb4a8f6064 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 3 172.23.5.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ba7fcdb4a8f6064 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.5.135 v12026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4ba7fcdb4a8f6064 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:08 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:08 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.7.65 v20114$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 1 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 4 172.23.7.65 v20114$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:08 5 172.23.7.65 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27237 - "none" "none" 2017-12-15 16:21:08 2 172.23.7.65 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:21:08 9 172.23.7.65 v20114$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27926 - "none" "none" 2017-12-15 16:21:09 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?58c52ea6beb5363b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?58c52ea6beb5363b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 5 172.23.10.65 bcpmc012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?58c52ea6beb5363b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 1 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 4 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 1 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 4 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:21:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:21:09 1 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?90649d8647d2e58b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 3 172.23.9.249 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?90649d8647d2e58b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 4 172.23.9.249 bcpat012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?90649d8647d2e58b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 1 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?255204a18300d17c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?255204a18300d17c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 5 172.23.9.60 vt100513$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?255204a18300d17c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 1 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e3cbbe18ca906011 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 2 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e3cbbe18ca906011 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:09 5 172.23.0.106 trainee10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e3cbbe18ca906011 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 1 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5b2a7ebf7457f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 3 172.23.8.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5b2a7ebf7457f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 5 172.23.8.45 v11003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5b2a7ebf7457f31 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 2 172.23.9.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2aa923adc09d8301 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 2 172.23.9.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2aa923adc09d8301 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 5 172.23.9.6 v05122$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2aa923adc09d8301 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:10 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:21:10 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:21:10 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:21:10 691 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 4 172.23.7.202 v16042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 3 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:21:11 4 172.23.7.202 v16042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 3 172.23.7.202 v16042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 29 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 5 172.23.7.202 v16042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:21:11 14 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1479 1472 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:21:11 19 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1010 2682 - "none" "none" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:11 5 172.23.7.202 v16042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:21:11 1 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:11 2 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:11 4 172.23.7.202 v16042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:21:12 2 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?35f3f2869ee181ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 2 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?35f3f2869ee181ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 5 172.23.8.188 v05059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?35f3f2869ee181ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 1 172.23.9.67 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e17613d8dac9fbbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 2 172.23.9.67 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e17613d8dac9fbbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 4 172.23.9.67 vt100521$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e17613d8dac9fbbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:12 49 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1068 103196 - "none" "none" 2017-12-15 16:21:12 15 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1084 99602 - "none" "none" 2017-12-15 16:21:13 2 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:13 1 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:13 3 172.23.0.115 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:21:13 1 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:13 2 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:13 3 172.23.0.115 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:21:13 1 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:13 2 172.23.0.115 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:13 3 172.23.0.115 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:21:14 55 172.19.2.51 - - authentication_failed DENIED "File Storage/Sharing" - 407 TCP_DENIED CONNECT - tcp dl-debug.dropbox.com 443 / - - "Breakpad/1.0 (Windows)" 172.16.1.188 306 180 - "Dropbox" "none" 2017-12-15 16:21:14 3 172.19.2.51 - - authentication_failed DENIED "File Storage/Sharing" - 407 TCP_DENIED CONNECT - tcp dl-debug.dropbox.com 443 / - - "Breakpad/1.0 (Windows)" 172.16.1.188 489 269 - "Dropbox" "none" 2017-12-15 16:21:14 2 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce8f33bdf886750b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:14 2 172.23.1.213 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce8f33bdf886750b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:14 5 172.23.1.213 v09002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce8f33bdf886750b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:14 1 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b17a52c342a13f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:14 3 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b17a52c342a13f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:14 4 172.23.9.37 v05144$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b17a52c342a13f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 1 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8d833cf4962af64 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 2 172.23.6.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8d833cf4962af64 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 5 172.23.6.255 v20045$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e8d833cf4962af64 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 87 172.19.2.51 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp cc-api-storage.adobe.io 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:15 1 172.19.2.51 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp cc-api-storage.adobe.io 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:15 1 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?46d2e6866d2eae2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 2 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?46d2e6866d2eae2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 4 172.23.8.114 v10054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?46d2e6866d2eae2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 1 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7851781a4ff1fd5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7851781a4ff1fd5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 5 172.23.8.187 v05052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7851781a4ff1fd5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:15 1811 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "File Storage/Sharing" - 200 TCP_TUNNELED CONNECT - tcp dl-debug.dropbox.com 443 / - - "Breakpad/1.0 (Windows)" 172.16.1.188 3647 24203 - "Dropbox" "none" 2017-12-15 16:21:15 1 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:15 1 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:15 3 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:15 6 172.23.7.166 v13057$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:15 6 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:21:15 6 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:21:15 3 172.23.7.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:15 9 172.23.7.166 v13057$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23904 - "none" "none" 2017-12-15 16:21:16 1 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 1 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 1 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?85a3265420364869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 3 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 3 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?85a3265420364869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 4 172.23.7.166 v13057$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 6 172.23.9.106 vt100534$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?85a3265420364869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 3 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 2 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 2 172.23.7.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 5 172.23.7.166 v13057$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 1 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:21:16 1 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:21:16 2 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:21:16 4 172.23.7.202 v16042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:21:16 1 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a0c33297fdc59016 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a0c33297fdc59016 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:16 5 172.23.7.170 v16018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a0c33297fdc59016 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 2 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 4 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 4 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 2 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 2 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 2 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:17 1 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:17 2 172.23.7.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:17 3 172.23.7.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:18 1 172.23.8.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c11ef5a819c1327f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 2 172.23.8.191 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c11ef5a819c1327f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 5 172.23.8.191 v05056$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c11ef5a819c1327f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 1 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe9abd7e892f4a28 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 2 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe9abd7e892f4a28 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 5 172.23.10.13 v20130$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe9abd7e892f4a28 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:18 2 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?354c89650b60b2fd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:19 2 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?354c89650b60b2fd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:19 5 172.23.9.5 v05119$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?354c89650b60b2fd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:19 1 172.23.8.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:19 2 172.23.8.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:19 4 172.23.8.212 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:19 1 172.23.8.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:19 2 172.23.8.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:19 3 172.23.8.212 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:20 41 172.23.5.238 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 248 - "none" "none" 2017-12-15 16:21:20 5 172.23.5.238 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 337 - "none" "none" 2017-12-15 16:21:20 122 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 306 81 - "none" "none" 2017-12-15 16:21:20 2 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 489 170 - "none" "none" 2017-12-15 16:21:20 2 172.23.1.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 2 172.23.1.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 4 172.23.1.243 v21018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 1 172.23.1.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 2 172.23.1.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 4 172.23.1.243 v21018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 2 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?145721a93a8b4ddd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 2 172.23.10.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?145721a93a8b4ddd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:20 5 172.23.10.23 bcpfb007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?145721a93a8b4ddd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:21 1355 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Whitelist;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 3860 2780 - "none" "none" 2017-12-15 16:21:22 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b825b460c1b0696 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:22 2 172.23.9.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b825b460c1b0696 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:22 6 172.23.9.233 vt100553$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b825b460c1b0696 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:22 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:22 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:22 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:22 4 172.23.4.59 v14048$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:22 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2339 - "none" "none" 2017-12-15 16:21:22 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2339 - "none" "none" 2017-12-15 16:21:22 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:22 5 172.23.4.59 v14048$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3028 - "none" "none" 2017-12-15 16:21:23 2 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 1 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 2 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 4 172.23.4.59 v14048$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 2 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 2 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 2 172.23.4.59 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:21:23 5 172.23.4.59 v14048$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:21:24 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:24 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:24 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:24 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:24 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:24 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:24 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:24 3 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:25 1 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:25 1 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:25 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e02b741a41d314 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:25 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e02b741a41d314 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:25 5 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e02b741a41d314 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:25 2 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:25 5 172.23.8.16 v11019$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:25 2 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:25 2 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:25 2 172.23.8.16 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:25 5 172.23.8.16 v11019$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:21:26 1 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9fab0f126fb1b4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 2 172.23.8.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9fab0f126fb1b4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 9 172.23.8.140 v12067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9fab0f126fb1b4f1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 21 172.23.8.200 v05068$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1247 - "none" "none" 2017-12-15 16:21:26 1 172.23.9.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9d0db31420cebb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 2 172.23.9.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9d0db31420cebb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 4 172.23.9.13 v05127$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9d0db31420cebb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 2 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 2 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 4 172.23.0.141 lcstest09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 1 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 2 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:26 4 172.23.0.141 lcstest09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:21:27 5 172.23.0.141 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:21:27 2 172.23.0.141 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:21:27 27 172.23.0.141 lcstest09$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27943 - "none" "none" 2017-12-15 16:21:27 2 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?144f8592feec7bcd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:27 3 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?144f8592feec7bcd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:27 4 172.23.9.80 vt100530$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?144f8592feec7bcd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:27 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 305 77 - "none" "none" 2017-12-15 16:21:27 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 488 166 - "none" "none" 2017-12-15 16:21:28 31 172.23.5.126 3346 BKI\Internet%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 3517 2076 - "none" "none" 2017-12-15 16:21:28 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 1202 261 - "none" "none" 2017-12-15 16:21:28 2 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 1402 386 - "none" "none" 2017-12-15 16:21:28 7995 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 4741 1899 - "none" "none" 2017-12-15 16:21:28 331 172.23.5.126 3346 BKI\Internet%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS GET text/html;%20charset=UTF-8 http bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 816 942 - "none" "none" 2017-12-15 16:21:28 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:21:28 3 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:21:28 74 172.23.5.126 3346 BKI\Internet%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 16039 3331 - "none" "none" 2017-12-15 16:21:28 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:21:28 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:21:28 63 172.23.5.126 3346 BKI\Internet%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 12919 4754 - "none" "none" 2017-12-15 16:21:28 1 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 1202 287 - "none" "none" 2017-12-15 16:21:28 2 172.23.5.126 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 1402 412 - "none" "none" 2017-12-15 16:21:28 310 172.23.5.126 3346 BKI\Internet%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS GET text/html;%20charset=UTF-8 http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/15.0 (Windows NT 6.2; Microsoft Outlook 15.0.4420; Pro)" 172.16.1.188 894 968 - "none" "none" 2017-12-15 16:21:29 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?931c139ca10d7402 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:29 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?931c139ca10d7402 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:29 5 172.23.9.99 vt70116$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?931c139ca10d7402 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:30 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:30 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:30 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:30 1 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8af170f94d5a5979 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 2 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8af170f94d5a5979 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 5 172.23.9.86 vt70104$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8af170f94d5a5979 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:30 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:30 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:30 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:30 1 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fa9a1dd0cc76af2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 2 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fa9a1dd0cc76af2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:30 4 172.23.8.181 v05050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fa9a1dd0cc76af2f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 1 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ac1b864bf5c369e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 2 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ac1b864bf5c369e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 4 172.23.9.168 v13063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ac1b864bf5c369e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 353 200 - "none" "none" 2017-12-15 16:21:31 3 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 536 325 - "none" "none" 2017-12-15 16:21:31 7 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 326 877 - "none" "none" 2017-12-15 16:21:31 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 353 219 - "none" "none" 2017-12-15 16:21:31 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 536 344 - "none" "none" 2017-12-15 16:21:31 18 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 327 896 - "none" "none" 2017-12-15 16:21:31 38 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 306 249 - "none" "none" 2017-12-15 16:21:31 2 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 489 338 - "none" "none" 2017-12-15 16:21:31 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c26a0481b603cead cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c26a0481b603cead cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 5 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c26a0481b603cead cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:31 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:21:31 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:21:31 4 172.23.8.200 v05068$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:21:32 254 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp client.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 3986 2825 - "none" "none" 2017-12-15 16:21:32 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3a960b19d5f0e8a9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:32 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3a960b19d5f0e8a9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:32 4 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3a960b19d5f0e8a9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:32 1 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0591f7ce171d47 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:32 2 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0591f7ce171d47 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:32 4 172.23.0.165 v07009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b0591f7ce171d47 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:33 1 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?66daf5673d7af752 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:33 2 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?66daf5673d7af752 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:33 4 172.23.7.253 p02035$ - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?66daf5673d7af752 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1551 914 - "Microsoft Update" "Update Software" 2017-12-15 16:21:33 69946 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 13336249 16508 - "YouTube" "none" 2017-12-15 16:21:34 1 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:34 2 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:34 4 172.23.10.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:34 1 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:34 2 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:34 4 172.23.10.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:34 1 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:34 2 172.23.10.142 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:34 3 172.23.10.142 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:35 1 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:35 2 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:35 3 172.23.8.80 v10016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:35 2 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:35 2 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:35 4 172.23.8.80 v10016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:36 21 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp hk2sch130021833.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 306 267 - "none" "none" 2017-12-15 16:21:36 2 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp hk2sch130021833.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 489 356 - "none" "none" 2017-12-15 16:21:37 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 5 172.23.7.170 v16018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 4 172.23.7.170 v16018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 1 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:37 1 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:37 2 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:37 4 172.23.5.147 v12037$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:37 2 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:37 2 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:21:37 2 172.23.5.147 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:37 5 172.23.5.147 v12037$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:21:37 2 172.23.8.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 2 172.23.8.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 4 172.23.8.33 v11036$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 1 172.23.8.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 2 172.23.8.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 4 172.23.8.33 v11036$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:37 4 172.23.8.33 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:21:37 2 172.23.8.33 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:21:37 35 172.23.8.33 v11036$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:21:38 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 889 - "none" "none" 2017-12-15 16:21:38 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:21:38 32 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1566 - "none" "none" 2017-12-15 16:21:38 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2239 - "none" "none" 2017-12-15 16:21:38 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:21:38 13 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1012 2916 - "none" "none" 2017-12-15 16:21:38 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 2 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 4 172.23.8.159 v10-mc34$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 3 172.23.8.159 v10-mc34$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:38 1 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 353 200 - "none" "none" 2017-12-15 16:21:38 2 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 536 325 - "none" "none" 2017-12-15 16:21:38 16 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 326 877 - "none" "none" 2017-12-15 16:21:38 1 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 353 219 - "none" "none" 2017-12-15 16:21:38 2 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 536 344 - "none" "none" 2017-12-15 16:21:38 5 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/WSUS3/x86/Vista/wsus3setup.cab ?1712151621 cab "Windows-Update-Agent" 172.16.1.188 327 896 - "none" "none" 2017-12-15 16:21:39 2 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6037f44a8718742d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 2 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6037f44a8718742d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 4 172.23.10.154 bcpab008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6037f44a8718742d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 4 172.23.8.69 v05152$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 1 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 3 172.23.8.69 v05152$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:39 76 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1083 75030 - "none" "none" 2017-12-15 16:21:39 39 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1082 90549 - "none" "none" 2017-12-15 16:21:40 1 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 5 172.23.9.238 vt100537$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 1 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 2 172.23.9.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 4 172.23.9.238 vt100537$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 4 172.23.9.30 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?39ffff4485052b59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 2 172.23.9.30 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?39ffff4485052b59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 4 172.23.9.30 v05137$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?39ffff4485052b59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:40 1 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:40 1 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:40 3 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:40 4 172.23.7.204 v16041$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:21:40 4 172.23.9.238 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 23797 - "none" "none" 2017-12-15 16:21:40 2 172.23.9.238 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:21:40 2 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2360 - "none" "none" 2017-12-15 16:21:40 48 172.23.9.238 vt100537$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 24498 - "none" "none" 2017-12-15 16:21:40 2 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2360 - "none" "none" 2017-12-15 16:21:40 2 172.23.7.204 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:40 5 172.23.7.204 v16041$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3049 - "none" "none" 2017-12-15 16:21:40 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:21:42 13 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?11e93963878b29c5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:42 3 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?11e93963878b29c5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:42 4 172.23.8.188 v05059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?11e93963878b29c5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:42 1 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?97541299a1eb017a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:42 3 172.23.9.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?97541299a1eb017a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:42 5 172.23.9.199 p14031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?97541299a1eb017a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 2 172.23.6.155 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 236 - "none" "none" 2017-12-15 16:21:44 3 172.23.6.155 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 325 - "none" "none" 2017-12-15 16:21:44 1 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb3dc7b12f407971 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 3 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb3dc7b12f407971 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 5 172.23.9.64 vt100516$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cb3dc7b12f407971 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 3 172.19.2.51 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp notifications.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 230 - "none" "none" 2017-12-15 16:21:44 2 172.19.2.51 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp notifications.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 319 - "none" "none" 2017-12-15 16:21:44 2 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0c736d7efca23dd2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 1 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0c736d7efca23dd2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 4 172.23.9.37 v05144$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0c736d7efca23dd2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:21:44 1 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654af3d8f08f955c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654af3d8f08f955c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 4 172.23.9.37 v05144$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654af3d8f08f955c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.8.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a1284b6cc1d1349 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.8.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a1284b6cc1d1349 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 4 172.23.8.219 v05086$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a1284b6cc1d1349 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 1 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e31aec50318fabee cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 1 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db4bd05c43e4ee5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e31aec50318fabee cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 5 172.23.8.114 v10054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e31aec50318fabee cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 109934 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6922 10222 - "Office 365 Exchange" "none" 2017-12-15 16:21:45 2 172.23.0.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db4bd05c43e4ee5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 4 172.23.0.137 lcstest01$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db4bd05c43e4ee5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 1 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 4 172.23.0.75 v20133$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 1 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 4 172.23.0.75 v20133$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:45 7 172.23.7.202 v16042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:21:46 1 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ade1a0a35a797c33 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:46 2 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ade1a0a35a797c33 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:46 5 172.23.9.106 vt100534$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ade1a0a35a797c33 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:46 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:46 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:46 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:46 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:21:46 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:21:46 12 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15f60f271e38caa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15f60f271e38caa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 4 172.23.8.248 v05105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15f60f271e38caa0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 39 192.168.11.95 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp update.googleapis.com 443 / - - - 172.16.1.188 306 79 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:47 1 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:47 3 172.23.8.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:47 1 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:47 3 192.168.11.95 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp update.googleapis.com 443 / - - - 172.16.1.188 489 168 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:47 3 172.23.8.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:47 1 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:47 4 172.23.8.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:47 1 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:47 3 172.23.8.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:47 1 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:21:47 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:21:47 4 172.23.8.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:21:47 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1202 790 - "none" "none" 2017-12-15 16:21:47 1 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62c3af1489dd4256 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 2 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62c3af1489dd4256 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 4 172.23.9.121 v22003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62c3af1489dd4256 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 3 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1402 835 - "none" "none" 2017-12-15 16:21:47 372441 172.18.57.135 2052 BKI\VIP_Int - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp hk2sch130021723.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.16384)" 172.16.1.188 4294 3410 - "none" "none" 2017-12-15 16:21:47 24 172.20.2.39 webex BKI\VIP_Int - PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 200 TCP_NC_MISS POST text/plain;%20charset=utf-8 http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 2200 1439 - "none" "none" 2017-12-15 16:21:47 2 172.23.7.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe253ec9c896f255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 2 172.23.7.137 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe253ec9c896f255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 5 172.23.7.137 v10007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe253ec9c896f255 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:47 3 192.168.11.95 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients5.google.com 443 / - - - 172.16.1.188 306 75 - "none" "none" 2017-12-15 16:21:48 3 192.168.11.95 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients5.google.com 443 / - - - 172.16.1.188 489 164 - "none" "none" 2017-12-15 16:21:48 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:21:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:21:48 1 172.23.8.145 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 317 - "none" "none" 2017-12-15 16:21:48 2 172.23.8.145 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 406 - "none" "none" 2017-12-15 16:21:48 5 172.23.8.145 3672 BKI\Dept_Motor%20Claim%20Department%20Group policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 184 966 - "none" "none" 2017-12-15 16:21:48 634 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp clients5.google.com 443 / - - - 172.16.1.188 4826 2347 - "none" "none" 2017-12-15 16:21:48 1335 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp update.googleapis.com 443 / - - - 172.16.1.188 5086 2794 - "none" "none" 2017-12-15 16:21:48 98 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:21:48 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:21:48 3 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:21:48 796 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:21:48 2 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?af07f7782e990eab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:48 2 172.23.8.252 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?af07f7782e990eab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:48 4 172.23.8.252 v05110$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?af07f7782e990eab cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 58874 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 14066 9674 - "Office 365 Exchange" "none" 2017-12-15 16:21:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:49 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:49 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:49 42 172.20.0.161 - - authentication_failed PROXIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp bki.eunite.net 443 / - - "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 305 203 - "none" "none" 2017-12-15 16:21:49 2 172.20.0.161 - - authentication_failed PROXIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp bki.eunite.net 443 / - - "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 488 292 - "none" "none" 2017-12-15 16:21:49 2 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe6c5dc613582c5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 3 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:21:49 2 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe6c5dc613582c5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 1 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:21:49 2 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:21:49 2 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:21:49 2 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:21:49 1 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 239 - "none" "none" 2017-12-15 16:21:49 5 172.23.10.13 v20130$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fe6c5dc613582c5c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 1 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f637a49b35fffe7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 2 172.23.9.133 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f637a49b35fffe7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:49 4 172.23.9.133 v10059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5f637a49b35fffe7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:50 1 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11913956673c393 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:50 2 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11913956673c393 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:50 4 172.16.51.6 pserver04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11913956673c393 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:21:51 1 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:21:51 1 172.23.7.202 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:21:51 3 172.23.7.202 v16042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:21:51 40 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:21:51 6 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:21:51 1 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:51 1 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:21:51 1 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:21:51 4 172.23.10.166 bcpat007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:21:51 2 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2432 - "none" "none" 2017-12-15 16:21:51 2 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2432 - "none" "none" 2017-12-15 16:21:51 2 172.23.10.166 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:21:51 5 172.23.10.166 bcpat007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3133 - "none" "none" 2017-12-15 16:21:51 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:52 4 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:52 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:52 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:52 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:52 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:52 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:52 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:21:52 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:21:52 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:21:53 2 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 4 172.23.8.106 v10047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 4 172.23.8.106 v10047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:53 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 305 87 - "none" "none" 2017-12-15 16:21:53 4 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:53 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 488 176 - "none" "none" 2017-12-15 16:21:53 3881 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 22334 16854 - "Office 365 Exchange" "none" 2017-12-15 16:21:53 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:53 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:53 251 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 5015 2943 - "none" "none" 2017-12-15 16:21:53 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:54 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:54 1 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a6cab2d024109396 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:54 3 172.23.0.72 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a6cab2d024109396 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:54 4 172.23.0.72 v20140$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a6cab2d024109396 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:21:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:21:54 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:21:55 1 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 889 - "none" "none" 2017-12-15 16:21:55 2 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:21:55 17 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1566 - "none" "none" 2017-12-15 16:21:55 1 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2238 - "none" "none" 2017-12-15 16:21:55 2 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:21:56 11 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1010 2915 - "none" "none" 2017-12-15 16:21:56 677987 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 10650 1750 - "none" "none" 2017-12-15 16:21:56 677950 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 1685 1741 - "none" "none" 2017-12-15 16:21:56 677952 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 2915 1748 - "none" "none" 2017-12-15 16:21:56 678012 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 22905 1731 - "none" "none" 2017-12-15 16:21:56 677978 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 2180 1743 - "none" "none" 2017-12-15 16:21:57 1 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:21:57 1 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:21:57 35 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1080 70664 - "none" "none" 2017-12-15 16:21:57 14 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1073 94944 - "none" "none" 2017-12-15 16:21:57 355 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a84151f88067b34a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:57 3 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a84151f88067b34a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:57 5 172.23.9.80 vt100530$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a84151f88067b34a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:58 6423 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1952 3079 - "Facebook" "none" 2017-12-15 16:21:58 679423 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.sslshopper.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko" 172.16.1.188 111860 2511 - "none" "none" 2017-12-15 16:21:58 1 172.23.5.159 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 248 - "none" "none" 2017-12-15 16:21:58 4 172.23.5.159 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 337 - "none" "none" 2017-12-15 16:21:58 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 305 87 - "none" "none" 2017-12-15 16:21:58 67963 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Whitelist;o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 6129 1687 - "Office Online" "none" 2017-12-15 16:21:58 1 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45b130d5220e2051 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:21:58 2 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45b130d5220e2051 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:21:58 4 172.23.10.182 bcpbv004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45b130d5220e2051 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:21:58 3 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 488 176 - "none" "none" 2017-12-15 16:21:58 371 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 5100 2943 - "none" "none" 2017-12-15 16:21:59 2 172.23.5.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 6 172.23.5.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 2 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:21:59 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 3 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:21:59 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 2 172.23.5.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 1 172.23.5.238 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 1107 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "o356;Non-Viewable/Infrastructure" - 200 TCP_TUNNELED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 4607 1506 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 110169 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 5238 1998 - "Office 365 Exchange" "none" 2017-12-15 16:22:00 40 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:00 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 4 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 3 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:00 1 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?957e389c34e783b8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:00 2 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?957e389c34e783b8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 5 172.23.9.23 v05135$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?957e389c34e783b8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 1 172.23.9.27 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?113ed65783f06cff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 1 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f4d280e730dd7ad4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 2 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f4d280e730dd7ad4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 5 172.23.9.92 vt70112$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f4d280e730dd7ad4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 2 172.23.9.27 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?113ed65783f06cff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:00 4 172.23.9.27 v05131$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?113ed65783f06cff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 3 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?70cb6cf8e020f420 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:01 1 172.23.8.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ca11738254f1608e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 2 172.23.8.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ca11738254f1608e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 5 172.23.8.138 v10-mc13$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ca11738254f1608e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 1116 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "o356;Non-Viewable/Infrastructure" - 200 TCP_TUNNELED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 4607 1522 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 2 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?70cb6cf8e020f420 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 5 172.23.9.168 v13063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?70cb6cf8e020f420 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 4 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 3 172.23.7.70 v20117$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 1 172.23.9.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 2 172.23.9.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 4 172.23.9.122 v22001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 1 172.23.9.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 2 172.23.9.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:01 4 172.23.9.122 v22001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:02 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:02 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:02 5 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 4 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:02 1 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:02 2 172.23.1.188 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:02 3 172.23.1.188 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:03 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:03 2 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:03 4 172.23.7.70 v20117$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:04 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:04 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:04 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:05 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:05 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:05 4 172.23.7.70 v20117$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:22:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:22:07 3 172.23.9.27 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?83b9a8024c16c01a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:07 3 172.23.9.27 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?83b9a8024c16c01a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:07 5 172.23.9.27 v05131$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?83b9a8024c16c01a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:07 3 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:22:07 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:22:07 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:22:07 746 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:22:08 3 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?a12bcf95c10d5e4c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?a12bcf95c10d5e4c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?a12bcf95c10d5e4c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 924 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 1 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?763d6f61474578f0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?763d6f61474578f0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?763d6f61474578f0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 2 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c47af9dfd1429c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 2 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c47af9dfd1429c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 5 172.23.10.171 bcpat010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1c47af9dfd1429c3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:08 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:08 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:08 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:08 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:09 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?04ad7893372845be cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:09 2 172.23.10.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?04ad7893372845be cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:09 5 172.23.10.65 bcpmc012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?04ad7893372845be cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:09 36 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:22:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:22:09 1 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c40a954ffb9b262 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 3 172.23.9.60 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c40a954ffb9b262 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 4 172.23.9.60 vt100513$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c40a954ffb9b262 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 2 172.23.9.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?009357b346b12c4b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 2 172.23.9.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?009357b346b12c4b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 5 172.23.9.6 v05122$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?009357b346b12c4b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 89 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:22:10 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:22:10 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:22:10 780 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:22:10 2 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?627102ce2b4d21fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 2 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?627102ce2b4d21fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 4 172.23.8.127 v10-mc04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?627102ce2b4d21fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 1 172.23.9.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a6661120959cf2e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 2 172.23.9.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a6661120959cf2e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:10 5 172.23.9.224 vt100542$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a6661120959cf2e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 1 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 17 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 4 172.23.8.208 bcpco001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 1 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:22:12 5 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:22:12 19 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 937 - "none" "none" 2017-12-15 16:22:12 1 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5be60ae93e374e13 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 2 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5be60ae93e374e13 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 5 172.23.8.208 bcpco001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5be60ae93e374e13 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:12 36 172.23.9.72 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 306 99 - "Office Online" "none" 2017-12-15 16:22:12 2 172.23.9.72 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 489 188 - "Office Online" "none" 2017-12-15 16:22:12 4 172.23.9.72 vt100505$ - policy_denied DENIED "Whitelist;o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 184 764 - "Office Online" "none" 2017-12-15 16:22:12 2 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 785 - "none" "none" 2017-12-15 16:22:12 2 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:22:13 10 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1488 1486 - "none" "none" 2017-12-15 16:22:13 2 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:13 2 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:13 2 172.23.8.208 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:22:13 52 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1012 2694 - "none" "none" 2017-12-15 16:22:13 2 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9cbecf3d142e48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:13 2 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9cbecf3d142e48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:13 5 172.23.9.105 vt100533$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b9cbecf3d142e48 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 52 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1071 103593 - "none" "none" 2017-12-15 16:22:14 12 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 85030 - "none" "none" 2017-12-15 16:22:14 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?b3b5dfca22456714 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?b3b5dfca22456714 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 5 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?b3b5dfca22456714 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4725e2cc7c73881 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4725e2cc7c73881 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:14 5 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4725e2cc7c73881 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:15 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:15 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:15 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:15 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:15 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:15 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:15 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:15 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:15 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 1645 - "none" "none" 2017-12-15 16:22:15 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 500 - "none" "none" 2017-12-15 16:22:15 37 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1685 2322 - "none" "none" 2017-12-15 16:22:16 387 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp mediaedge0f.online.lync.com 443 / - - - 172.16.1.188 306 117 - "Lync Online" "none" 2017-12-15 16:22:16 35 192.168.11.95 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp mediaedge0f.online.lync.com 443 / - - - 172.16.1.188 489 206 - "Lync Online" "none" 2017-12-15 16:22:16 1 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fbef9bcece95b362 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:16 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fbef9bcece95b362 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:16 5 172.23.8.187 v05052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fbef9bcece95b362 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e154c8cbc34097 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e154c8cbc34097 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 4 172.23.8.248 v05105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a1e154c8cbc34097 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.9.84 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?82a40cb9f99bd4cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.9.84 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?82a40cb9f99bd4cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 5 172.23.9.84 vt70105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?82a40cb9f99bd4cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 1 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a47e733d6b0d4ec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a47e733d6b0d4ec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 11 172.23.9.102 vt100532$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a47e733d6b0d4ec7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 1 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2eb712551180e87 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2eb712551180e87 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 5 172.23.9.121 v22003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e2eb712551180e87 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4f0cd70165af460a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4f0cd70165af460a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 4 10.250.81.2 v1-dr014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4f0cd70165af460a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 1 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13426bf39a1c061e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 2 172.23.7.170 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13426bf39a1c061e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:17 4 172.23.7.170 v16018$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13426bf39a1c061e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 1 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e26d1198189f7d49 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 2 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e26d1198189f7d49 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 5 172.23.7.151 v05032$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e26d1198189f7d49 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 1 172.23.4.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 114 172.23.4.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 4 172.23.4.212 v17005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 2 172.23.4.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 1 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:22:18 2 172.23.4.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 3 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:22:18 5 172.23.4.212 v17005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 28 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:22:18 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b9a95075f523de7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b9a95075f523de7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 4 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b9a95075f523de7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:18 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:18 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:18 2 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:18 4 172.23.4.212 v17005$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:22:19 1 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17e5caa79116a507 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:19 2 172.23.9.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17e5caa79116a507 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:19 5 172.23.9.5 v05119$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?17e5caa79116a507 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:22:19 18 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1487 1472 - "none" "none" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:19 1 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:22:19 21 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1010 2682 - "none" "none" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:19 2 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:19 4 172.23.4.212 v17005$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:22:19 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:19 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:19 3 172.23.4.212 v17005$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:19 1 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:19 5 172.23.1.234 v09003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.234 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:19 1 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 353 233 - "none" "none" 2017-12-15 16:22:19 5 172.23.1.234 v09003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 536 358 - "none" "none" 2017-12-15 16:22:19 5 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 214 910 - "none" "none" 2017-12-15 16:22:19 4 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 1459 268 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/D1/CDE5373D80E41F205260D2A7D8FB716A26BCA3D1.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 353 233 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.231 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/D1/CDE5373D80E41F205260D2A7D8FB716A26BCA3D1.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 536 358 - "none" "none" 2017-12-15 16:22:19 4 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/D1/CDE5373D80E41F205260D2A7D8FB716A26BCA3D1.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 214 910 - "none" "none" 2017-12-15 16:22:19 2 172.23.1.231 v24300$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/D1/CDE5373D80E41F205260D2A7D8FB716A26BCA3D1.txt ?1712151622 txt "Windows-Update-Agent" 172.16.1.188 1459 268 - "none" "none" 2017-12-15 16:22:19 48 172.20.0.161 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ocsp.usertrust.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBSl4jRO9XY6nOLzHpuYB7AHVyel%2BQQUs5Cn2MmvTs1hPJ98rV1%2FQf1pMOoCEQDc6m0df8n51rPPoP8kNZLL - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1588 348 - "none" "none" 2017-12-15 16:22:19 3 172.20.0.161 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ocsp.usertrust.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBSl4jRO9XY6nOLzHpuYB7AHVyel%2BQQUs5Cn2MmvTs1hPJ98rV1%2FQf1pMOoCEQDc6m0df8n51rPPoP8kNZLL - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1788 473 - "none" "none" 2017-12-15 16:22:20 4 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?64325745f7120154 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 2 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?64325745f7120154 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 5 172.23.10.64 bcpmc011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?64325745f7120154 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 64 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1072 103195 - "none" "none" 2017-12-15 16:22:20 2 172.23.9.143 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4b2a3b94e0d494ab cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 3 172.23.9.143 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4b2a3b94e0d494ab cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 5 172.23.9.143 p08028$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4b2a3b94e0d494ab cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:22:20 21 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1081 113236 - "none" "none" 2017-12-15 16:22:20 442 172.20.0.161 3849 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_REFRESH_MISS GET application/ocsp-response http ocsp.usertrust.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBSl4jRO9XY6nOLzHpuYB7AHVyel%2BQQUs5Cn2MmvTs1hPJ98rV1%2FQf1pMOoCEQDc6m0df8n51rPPoP8kNZLL - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 902 1033 - "none" "none" 2017-12-15 16:22:20 50 172.20.0.161 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ocsp.comodoca.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBR64T7ooMQqLLQoy%2BemBUYZQOKh6QQUkK9qOpRaC9iQ6hJWc99DtDoo2ucCEQDs4BwYcO8qld3uBHAr%2FQSw - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1587 346 - "none" "none" 2017-12-15 16:22:20 3 172.20.0.161 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ocsp.comodoca.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBR64T7ooMQqLLQoy%2BemBUYZQOKh6QQUkK9qOpRaC9iQ6hJWc99DtDoo2ucCEQDs4BwYcO8qld3uBHAr%2FQSw - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1787 471 - "none" "none" 2017-12-15 16:22:20 451 172.20.0.161 3849 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_REFRESH_MISS GET application/ocsp-response http ocsp.comodoca.com 80 /MFIwUDBOMEwwSjAJBgUrDgMCGgUABBR64T7ooMQqLLQoy%2BemBUYZQOKh6QQUkK9qOpRaC9iQ6hJWc99DtDoo2ucCEQDs4BwYcO8qld3uBHAr%2FQSw - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 902 1031 - "none" "none" 2017-12-15 16:22:21 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:22:21 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:22:21 3 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?428f572b105908c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:21 2 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?428f572b105908c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:21 4 172.16.51.6 pserver04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?428f572b105908c0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:22:22 288 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http lyncdiscoverinternal.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1202 455 - "none" "none" 2017-12-15 16:22:22 283 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp lyncdiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:22:22 283 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http lyncdiscover.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1202 439 - "none" "none" 2017-12-15 16:22:22 283 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp lyncdiscoverinternal.bangkokinsurance.com 443 / - - - 172.16.1.188 305 119 - "none" "none" 2017-12-15 16:22:22 4 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp lyncdiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:22:22 4 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http lyncdiscover.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1402 528 - "none" "none" 2017-12-15 16:22:22 4 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp lyncdiscoverinternal.bangkokinsurance.com 443 / - - - 172.16.1.188 488 208 - "none" "none" 2017-12-15 16:22:22 7 172.23.8.210 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http lyncdiscoverinternal.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 1402 544 - "none" "none" 2017-12-15 16:22:22 19 172.23.8.210 2491 BKI\VIP_Int - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp lyncdiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 3181 942 - "none" "none" 2017-12-15 16:22:22 103 172.23.8.210 2491 BKI\VIP_Int - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp lyncdiscoverinternal.bangkokinsurance.com 443 / - - - 172.16.1.188 3181 966 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 4 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 3 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 4 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 3 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 4 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 3 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 2 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 4 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:22 1 172.23.9.179 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:22 3 172.23.9.179 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:22 577 172.23.8.210 2491 BKI\VIP_Int - PROXIED "Financial Services" - 200 TCP_NC_MISS GET text/html;%20charset=UTF-8 http lyncdiscoverinternal.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 71642 1136 - "none" "none" 2017-12-15 16:22:22 593 172.23.8.210 2491 BKI\VIP_Int - PROXIED "Financial Services" - 200 TCP_NC_MISS GET text/html;%20charset=UTF-8 http lyncdiscover.bangkokinsurance.com 80 / ?sipuri=pirawan.k@bangkokinsurance.com - "OC/16.0.8201.2209 (Skype for Business)" 172.16.1.188 70926 1120 - "none" "none" 2017-12-15 16:22:24 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:22:24 2 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:22:24 4 172.23.4.212 v17005$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:22:24 130490 172.16.4.237 int1 BKI\Internet%20Group - OBSERVED "Business/Economy" - 200 TCP_TUNNELED CONNECT - tcp bki.driveprofiler.net 443 / - - - 172.16.1.188 1724 2099 - "none" "none" 2017-12-15 16:22:24 1 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 1645 - "none" "none" 2017-12-15 16:22:24 2 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 500 - "none" "none" 2017-12-15 16:22:24 17 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1685 2322 - "none" "none" 2017-12-15 16:22:24 92 172.18.35.131 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - - 172.16.1.188 306 67 - "none" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 172.18.35.131 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 298 - "none" "none" 2017-12-15 16:22:25 2 172.18.35.131 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 387 - "none" "none" 2017-12-15 16:22:25 5 172.18.35.131 c0215 - policy_denied DENIED "Whitelist;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 184 947 - "none" "none" 2017-12-15 16:22:25 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 4 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 22 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 2 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 4 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 2 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 3 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 4 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 2 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 3 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 3 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 2 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 3 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:25 1 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:25 2 172.23.7.221 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:25 4 172.23.7.221 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:26 86 172.23.8.14 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 252 - "none" "none" 2017-12-15 16:22:26 6 172.23.8.14 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 341 - "none" "none" 2017-12-15 16:22:27 1 172.18.35.131 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED GET - http armmf.adobe.com 80 /arm-manifests/win/Reader11Manifest.msi - msi "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 1499 340 - "none" "none" 2017-12-15 16:22:27 2 172.18.35.131 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED GET - http armmf.adobe.com 80 /arm-manifests/win/Reader11Manifest.msi - msi "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 1699 465 - "none" "none" 2017-12-15 16:22:27 5 172.18.35.131 c0215 - policy_denied DENIED "Whitelist;Technology/Internet" - 403 TCP_DENIED GET - http armmf.adobe.com 80 /arm-manifests/win/Reader11Manifest.msi - msi "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 1122 1025 - "none" "none" 2017-12-15 16:22:27 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:27 6 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:27 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:28 1 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9bee666914785d7a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:28 2 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9bee666914785d7a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:28 5 172.23.10.182 bcpbv004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9bee666914785d7a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 1 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:29 2 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:29 2 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 1 172.23.0.163 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?edd3f2e468f77b27 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 4 172.23.8.94 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:29 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 4 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 2 172.23.0.163 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?edd3f2e468f77b27 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 1 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:29 3 172.23.0.163 v07007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?edd3f2e468f77b27 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 2 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:29 3 172.23.8.94 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:29 2 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 4 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 1 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:29 1 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:29 3 172.23.8.94 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:29 1 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:29 2 172.23.8.94 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:29 3 172.23.8.94 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:29 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7bb1a7098b0e29b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 2 172.23.9.99 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7bb1a7098b0e29b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:29 4 172.23.9.99 vt70116$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7bb1a7098b0e29b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 1 172.23.6.15 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 252 - "none" "none" 2017-12-15 16:22:30 8 172.23.6.15 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 341 - "none" "none" 2017-12-15 16:22:30 1 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd81a5598a568d07 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 2 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd81a5598a568d07 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 4 172.23.9.23 v05135$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd81a5598a568d07 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 1 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fb8a33308baebe56 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 2 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7d3d65e084af6317 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 2 172.23.8.181 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fb8a33308baebe56 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 4 172.23.8.181 v05050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fb8a33308baebe56 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 2 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7d3d65e084af6317 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:30 4 172.23.9.92 vt70112$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7d3d65e084af6317 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:31 39 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 306 99 - "Office Online" "none" 2017-12-15 16:22:31 776 172.23.6.15 3817 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 4259 1626 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 3 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:31 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:31 2 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:31 4 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 3 192.168.11.95 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 489 188 - "Office Online" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:31 3 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:31 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:31 6 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 2 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 4 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 3 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 1 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:31 2 172.23.0.130 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:31 3 172.23.0.130 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:31 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:31 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:31 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 601965 172.20.0.222 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Shopping;Software Downloads" - 200 TCP_TUNNELED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 749 2078 - "none" "none" 2017-12-15 16:22:33 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 2 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 5 10.250.81.2 v1-dr014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 4 10.250.81.2 v1-dr014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2f773e5c4ff2fc6c cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 3 172.23.7.253 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2f773e5c4ff2fc6c cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 4 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 6 172.23.7.253 p02035$ - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2f773e5c4ff2fc6c cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1551 914 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 3 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 1 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f0e2b1daaa99d59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 2 172.23.0.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f0e2b1daaa99d59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:33 4 172.23.0.165 v07009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f0e2b1daaa99d59 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:34 1 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 889 - "none" "none" 2017-12-15 16:22:34 3 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:22:34 18 172.23.9.205 p21008$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1566 - "none" "none" 2017-12-15 16:22:34 1 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2239 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:22:34 46 172.23.9.205 p21008$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1012 2916 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2864 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.205 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 462 - "none" "none" 2017-12-15 16:22:34 37 172.23.9.205 p21008$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 690 3541 - "none" "none" 2017-12-15 16:22:34 1 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:34 1 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:34 2 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:34 4 172.23.8.87 v10027$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:22:34 6 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:22:34 6 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:22:34 2 172.23.8.87 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:34 8 172.23.8.87 v10027$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23904 - "none" "none" 2017-12-15 16:22:34 1 172.23.9.30 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.30 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:34 4 172.23.9.30 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.30 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:34 2 172.23.9.30 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:34 6 172.23.9.30 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:34 1 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:34 1 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:34 2 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:34 4 172.23.5.135 v12026$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:22:34 2 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:22:34 2 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:22:34 2 172.23.5.135 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:34 5 172.23.5.135 v12026$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3137 - "none" "none" 2017-12-15 16:22:36 20 172.30.39.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 306 154 - "none" "none" 2017-12-15 16:22:36 2 172.30.39.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 489 243 - "none" "none" 2017-12-15 16:22:36 20 172.30.39.246 anonymous%20logon - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 184 311 - "none" "none" 2017-12-15 16:22:37 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:37 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:37 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:37 5 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:37 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:37 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:37 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:37 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:37 2 172.23.7.206 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 248 - "none" "none" 2017-12-15 16:22:37 7 172.23.7.206 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 337 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:37 3 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:37 3 172.23.4.59 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:37 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:37 3 172.23.4.59 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:37 3 172.23.4.59 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:37 4 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:37 6 172.23.4.59 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:37 1 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:37 2 172.23.4.59 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:37 3 172.23.4.59 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:38 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:22:38 3 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexus.officeapps.live.com 443 / - - - 172.16.1.188 306 87 - "Office Online" "none" 2017-12-15 16:22:38 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:22:38 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexus.officeapps.live.com 443 / - - - 172.16.1.188 489 176 - "Office Online" "none" 2017-12-15 16:22:38 1 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?779b9fd43bc70ab1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 2 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?779b9fd43bc70ab1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 4 172.23.9.104 vt70120$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?779b9fd43bc70ab1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 2 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab54c61ed8de9f09 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 2 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab54c61ed8de9f09 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 4 172.23.10.171 bcpat010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ab54c61ed8de9f09 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:38 45 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.windows.net 443 / - - - 172.16.1.188 306 138 - "Office Online" "none" 2017-12-15 16:22:38 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp login.windows.net 443 / - - - 172.16.1.188 489 227 - "Office Online" "none" 2017-12-15 16:22:40 2 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b17aedeecddb7a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:40 2 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b17aedeecddb7a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:40 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:22:40 4 172.23.8.127 v10-mc04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b17aedeecddb7a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 93 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df2e5c1a3da8f62a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 1 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c076bd5fcd16d6e4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 2 172.23.8.188 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c076bd5fcd16d6e4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 6 172.23.8.188 v05059$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c076bd5fcd16d6e4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 3 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df2e5c1a3da8f62a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:42 5 172.23.0.106 trainee10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?df2e5c1a3da8f62a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 1 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dacfd8a1c477fca8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 2 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dacfd8a1c477fca8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 4 172.23.9.105 vt100533$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dacfd8a1c477fca8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 1 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f53c65ae82e5aa70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 2 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f53c65ae82e5aa70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:43 4 172.23.8.5 v05150$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f53c65ae82e5aa70 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:44 113567 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 6229 1796 - "Office Online" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 3 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 3 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 4 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 3 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 1 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 3 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:44 2 172.23.1.236 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:44 1 172.23.7.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4b6098a12c6e7738 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 3 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4b6098a12c6e7738 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.9.37 v05144$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4b6098a12c6e7738 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b603b9b6857f5e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.9.37 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b603b9b6857f5e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.9.37 v05144$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b603b9b6857f5e22 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.7.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.243 v16069$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.7.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.243 v16069$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?044a923667236c36 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.8.114 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?044a923667236c36 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.8.114 v10054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?044a923667236c36 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.19 v20081$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.19 v20081$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.19 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 23797 - "none" "none" 2017-12-15 16:22:45 2 172.23.7.19 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:22:45 45 172.23.7.19 v20081$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 24486 - "none" "none" 2017-12-15 16:22:45 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 2 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:45 4 172.23.7.165 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 23907 - "none" "none" 2017-12-15 16:22:45 2 172.23.7.165 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:22:45 22 172.23.7.165 v11009$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 24596 - "none" "none" 2017-12-15 16:22:46 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 3 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 1 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 2 172.23.7.165 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 4 172.23.7.165 v11009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 1 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5f44243e0c425a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 2 172.23.9.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5f44243e0c425a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 5 172.23.9.106 vt100534$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2b5f44243e0c425a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:46 45914 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 67264 31506 - "Office 365 Exchange" "none" 2017-12-15 16:22:46 21126 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7268 10574 - "Office 365 Exchange" "none" 2017-12-15 16:22:46 21089 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 8115 11390 - "Office 365 Exchange" "none" 2017-12-15 16:22:46 21070 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7167 10846 - "Office 365 Exchange" "none" 2017-12-15 16:22:46 21129 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6602 10670 - "Office 365 Exchange" "none" 2017-12-15 16:22:46 21104 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7167 10846 - "Office 365 Exchange" "none" 2017-12-15 16:22:47 1 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:22:47 2 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 489 268 - "none" "none" 2017-12-15 16:22:47 2 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d6896a9b2b9e51a2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:47 2 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d6896a9b2b9e51a2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:47 4 172.23.9.102 vt100532$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d6896a9b2b9e51a2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 1 172.23.6.155 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 236 - "none" "none" 2017-12-15 16:22:48 5 172.23.6.155 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 325 - "none" "none" 2017-12-15 16:22:48 64044 172.23.6.155 secretary_fi_svp BKI\VIP_Int - OBSERVED "Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1570 1873 - "none" "none" 2017-12-15 16:22:48 37 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:22:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:22:48 2 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4f0de793f50368b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 2 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4f0de793f50368b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 5 172.23.7.151 v05032$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4f0de793f50368b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?03d41e46a068edb9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?03d41e46a068edb9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 4 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?03d41e46a068edb9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6cec6a7de4228831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6cec6a7de4228831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 5 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6cec6a7de4228831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 3 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:22:48 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:22:48 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:22:48 653 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:22:48 2 172.23.1.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96e963b95d0e0826 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 54 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp roaming.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:22:48 2 172.23.1.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96e963b95d0e0826 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:48 5 172.23.1.234 v09003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96e963b95d0e0826 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:49 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29e740cbf90e94a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:49 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29e740cbf90e94a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:49 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29e740cbf90e94a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:49 3 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 232 - "none" "none" 2017-12-15 16:22:49 5 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 773 - "none" "none" 2017-12-15 16:22:49 3 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 337 - "none" "none" 2017-12-15 16:22:49 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 305 77 - "none" "none" 2017-12-15 16:22:49 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 488 166 - "none" "none" 2017-12-15 16:22:49 1 172.23.8.138 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 317 - "none" "none" 2017-12-15 16:22:49 2 172.23.8.138 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 406 - "none" "none" 2017-12-15 16:22:49 5 172.23.8.138 3715 BKI\Dept_Motor%20Claim%20Department%20Group policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 184 966 - "none" "none" 2017-12-15 16:22:49 39 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:22:49 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:22:49 3 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:22:49 5 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:22:50 4 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 306 148 - "Lync Online" "none" 2017-12-15 16:22:50 2 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 489 237 - "Lync Online" "none" 2017-12-15 16:22:50 543 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp bangkokinsurance.com 443 / - - - 172.16.1.188 3517 1739 - "none" "none" 2017-12-15 16:22:50 137 172.23.8.210 2491 BKI\VIP_Int - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 5664 1391 - "Lync Online" "none" 2017-12-15 16:22:50 2 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 306 107 - "Lync Online" "none" 2017-12-15 16:22:50 2 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 489 196 - "Lync Online" "none" 2017-12-15 16:22:50 4 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http bangkokinsurance.com 80 /AutoDiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 1202 827 - "none" "none" 2017-12-15 16:22:50 1 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b50cdc0f0621679 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:50 2 172.23.10.13 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b50cdc0f0621679 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:50 4 172.23.10.13 v20130$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3b50cdc0f0621679 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:50 4 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http bangkokinsurance.com 80 /AutoDiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 1402 630 - "none" "none" 2017-12-15 16:22:50 1 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f16.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:22:50 1 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f16.infra.lync.com 443 / - - - 172.16.1.188 306 95 - "Lync Online" "none" 2017-12-15 16:22:50 230 172.23.8.210 2491 BKI\VIP_Int - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp sipdir.online.lync.com 443 / - - - 172.16.1.188 7114 2535 - "Lync Online" "none" 2017-12-15 16:22:50 2 172.23.8.210 - - authentication_failed DENIED "o356;Online Meetings" - 407 TCP_DENIED CONNECT - tcp webpoolsg20f16.infra.lync.com 443 / - - - 172.16.1.188 489 184 - "Lync Online" "none" 2017-12-15 16:22:50 4 172.23.8.210 2491 BKI\VIP_Int tcp_error DENIED "o356;Online Meetings" - 503 TCP_ERR_MISS CONNECT - tcp webpoolsg20f16.infra.lync.com 443 / - - - 172.16.1.188 185 740 - "Lync Online" "none" 2017-12-15 16:22:50 1 172.16.22.172 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 317 - "none" "none" 2017-12-15 16:22:50 2 172.16.22.172 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 406 - "none" "none" 2017-12-15 16:22:50 1 172.16.22.172 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 317 - "none" "none" 2017-12-15 16:22:50 2 172.16.22.172 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 489 406 - "none" "none" 2017-12-15 16:22:50 517 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS POST text/html;%20charset=UTF-8 http bangkokinsurance.com 80 /AutoDiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 834 1512 - "none" "none" 2017-12-15 16:22:51 2 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdf7253521d39742 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:51 2 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdf7253521d39742 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:51 5 172.23.10.64 bcpmc011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cdf7253521d39742 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:51 370 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 405 TCP_NC_MISS POST text/html;%20charset=windows-874 http bangkokinsurance.com 80 / - - "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 4895 834 - "none" "none" 2017-12-15 16:22:51 1 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 305 103 - "none" "none" 2017-12-15 16:22:51 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 488 192 - "none" "none" 2017-12-15 16:22:51 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:22:51 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:22:51 3 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:22:51 5 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:22:51 3 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1247 - "none" "none" 2017-12-15 16:22:51 2 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 1202 538 - "none" "none" 2017-12-15 16:22:51 110023 172.23.8.72 4173 BKI\Internet%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 9829 1626 - "none" "none" 2017-12-15 16:22:51 4 192.168.11.95 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED GET - http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 1402 655 - "none" "none" 2017-12-15 16:22:51 1 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:22:51 3 172.23.4.212 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:22:51 21 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:22:51 1 172.23.4.212 v17005$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151622 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:22:52 30634 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 39 903 - "YouTube" "none" 2017-12-15 16:22:52 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:22:52 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:22:52 349 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 302 TCP_NC_MISS GET text/html;%20charset=UTF-8 http autodiscover.bangkokinsurance.com 80 /autodiscover/autodiscover.xml - xml "Microsoft Office/16.0 (Windows NT 6.3; Microsoft PowerPoint 16.0.8201; Pro)" 172.16.1.188 912 1215 - "none" "none" 2017-12-15 16:22:52 41 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:22:52 7 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:22:52 41 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ols.officeapps.live.com 443 / - - - 172.16.1.188 306 83 - "Office Online" "none" 2017-12-15 16:22:52 36 172.23.0.115 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 306 103 - "none" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ols.officeapps.live.com 443 / - - - 172.16.1.188 306 83 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ols.officeapps.live.com 443 / - - - 172.16.1.188 489 172 - "Office Online" "none" 2017-12-15 16:22:52 27 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 306 85 - "Office Online" "none" 2017-12-15 16:22:52 68 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 306 85 - "Office Online" "none" 2017-12-15 16:22:52 2347 172.16.22.172 ecmadmin BKI\Internet%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 2702 1670 - "none" "none" 2017-12-15 16:22:52 2301 172.16.22.172 ecmadmin BKI\Internet%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ieonlinews.microsoft.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 2702 1670 - "none" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 489 174 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 489 174 - "Office Online" "none" 2017-12-15 16:22:52 6 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 126 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 4 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 5 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 65 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 5 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 7 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:52 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:22:53 9 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:53 1 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?37f2111f9326f04e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:53 24 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:53 23 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:53 18 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?37f2111f9326f04e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:53 9 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 489 190 - "Office Online" "none" 2017-12-15 16:22:53 17 172.23.10.43 bcpcb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?37f2111f9326f04e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:53 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:53 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:53 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:53 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:53 2 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:53 2 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:53 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:53 4 172.23.9.51 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:53 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:22:53 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:22:53 6 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:22:53 1 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:53 3 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:53 4 172.23.9.51 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:53 1 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:53 2 172.23.9.51 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:53 3 172.23.9.51 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:53 1 172.23.7.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7781f854162713ac cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:53 2 172.23.7.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7781f854162713ac cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:53 5 172.23.7.36 v20098$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7781f854162713ac cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:54 1609 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp ols.officeapps.live.com 443 / - - - 172.16.1.188 9676 2852 - "Office Online" "none" 2017-12-15 16:22:55 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:22:55 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:22:55 2 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:22:55 4 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:22:55 1 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:55 1 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:55 1 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:55 4 172.23.10.168 bcpat002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:22:55 2 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:22:55 2 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:22:55 2 172.23.10.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:55 5 172.23.10.168 bcpat002$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3132 - "none" "none" 2017-12-15 16:22:56 5 172.23.10.168 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27273 - "none" "none" 2017-12-15 16:22:56 2 172.23.10.168 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:22:56 24 172.23.10.168 bcpat002$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27974 - "none" "none" 2017-12-15 16:22:56 2 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 4 172.23.8.159 v10-mc34$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 1 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:56 4 172.23.8.159 v10-mc34$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 1 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:56 1 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:56 4 172.23.8.72 lg011$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 726 - "none" "none" 2017-12-15 16:22:56 2 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:22:56 2 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:22:56 2 172.23.8.72 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:56 6 172.23.8.72 lg011$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3116 - "none" "none" 2017-12-15 16:22:56 146738 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Internet Telephony;Chat (IM)/SMS" - 200 TCP_TUNNELED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 13635 51386 - "Lync Online" "none" 2017-12-15 16:22:56 2 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b883b877a78d94a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 12 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b883b877a78d94a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:56 4 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8b883b877a78d94a cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 94 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:22:57 3 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:22:57 5 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:22:57 1 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:22:57 3 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:22:57 15 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:22:57 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:22:57 1 172.23.4.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:22:57 5 172.23.4.212 v17005$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:22:57 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:57 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:22:57 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:22:57 4 172.23.7.167 v13058$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:22:57 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:22:57 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:22:57 3 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:22:57 5 172.23.7.167 v13058$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:22:57 5 172.23.7.167 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27273 - "none" "none" 2017-12-15 16:22:57 2 172.23.7.167 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:22:57 9 172.23.7.167 v13058$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27962 - "none" "none" 2017-12-15 16:22:57 1 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?207e7a64fe1b5533 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 2 172.23.9.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?207e7a64fe1b5533 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 5 172.23.9.80 vt100530$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?207e7a64fe1b5533 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 1 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:57 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:57 3 172.23.5.22 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:57 1 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:57 1 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:57 4 172.23.5.22 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:57 267 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 1 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:57 1 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 2 172.23.5.22 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:57 4 172.23.5.22 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:22:57 2 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:57 4 172.23.7.167 v13058$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 5428 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1604 3077 - "Facebook" "none" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:22:58 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 5 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151622 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf0e0e06cc9720c4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 3 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf0e0e06cc9720c4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf0e0e06cc9720c4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 238 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 2 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 2 172.23.7.167 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 6 172.23.7.167 v13058$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 375024 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp hk2sch130022025.wns.windows.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0; WnpTrans 6.3.9600.17031)" 172.16.1.188 4401 3352 - "none" "none" 2017-12-15 16:22:58 1 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bc7b0762a98b18e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 2 172.23.8.159 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bc7b0762a98b18e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 5 172.23.8.159 v10-mc34$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2bc7b0762a98b18e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:22:58 1969967 172.16.1.40 4326 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" 172.16.1.188 640 2083 - "none" "none" 2017-12-15 16:22:59 1 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:22:59 2 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:22:59 56 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1476 1472 - "none" "none" 2017-12-15 16:22:59 2 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:59 1 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:22:59 4 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:22:59 16 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1012 2682 - "none" "none" 2017-12-15 16:22:59 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:59 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:59 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:59 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:59 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:59 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:22:59 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:22:59 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:22:59 1 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:59 1 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:59 3 172.23.5.103 v17042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:22:59 1 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:22:59 2 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:22:59 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:23:00 50 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1078 103196 - "none" "none" 2017-12-15 16:23:00 16 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 96940 - "none" "none" 2017-12-15 16:23:00 1 172.23.6.209 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 306 103 - "none" "none" 2017-12-15 16:23:00 2 172.23.6.209 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 489 192 - "none" "none" 2017-12-15 16:23:00 5 172.23.6.209 c0722 - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 184 752 - "none" "none" 2017-12-15 16:23:00 1 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 2 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 4 172.23.7.57 v20106$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 1 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 2 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 4 172.23.7.57 v20106$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 1 172.23.0.144 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5889b27dccb7c74b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 2 172.23.0.144 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5889b27dccb7c74b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 5 172.23.0.144 lcstest12$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5889b27dccb7c74b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 4 172.23.7.57 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:23:00 2 172.23.7.57 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:23:00 10 172.23.7.57 v20106$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:23:00 1 172.23.8.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16901ace29711090 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 3 172.23.8.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16901ace29711090 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:00 4 172.23.8.199 v05067$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16901ace29711090 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:01 12 172.23.8.208 bcpco001$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1246 - "none" "none" 2017-12-15 16:23:01 1 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e05cd2c1dce88fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:01 2 172.23.9.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e05cd2c1dce88fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:01 4 172.23.9.168 v13063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e05cd2c1dce88fe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:01 1 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:01 2 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:01 4 172.23.8.5 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:01 2 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:01 3 172.23.8.5 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:01 2 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:01 3 172.23.8.5 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:01 1 172.23.8.5 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:01 3 172.23.8.5 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:02 274 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 306 166 - "Lync Online" "none" 2017-12-15 16:23:02 2 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:02 4 172.23.8.239 v10061$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:02 2 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:02 2 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:02 2 172.23.8.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:02 5 172.23.8.239 v10061$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:23:02 3 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 489 255 - "Lync Online" "none" 2017-12-15 16:23:02 1 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 1 172.23.4.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 2 172.23.4.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 4 172.23.4.182 v10055$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 1 172.23.4.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 2 172.23.4.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 4 172.23.4.182 v10055$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 124 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 6 172.23.8.8 v11013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:02 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:02 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:23:02 2 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:23:02 5 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:23:03 11275 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 190 1661 - "YouTube" "none" 2017-12-15 16:23:03 1 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:03 2 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:03 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:23:03 53 192.168.11.95 - - authentication_failed DENIED "O365_set2;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 306 89 - "Office Online" "none" 2017-12-15 16:23:03 53 192.168.11.95 - - authentication_failed DENIED "O365_set2;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 306 89 - "Office Online" "none" 2017-12-15 16:23:03 3 192.168.11.95 - - authentication_failed DENIED "O365_set2;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 489 178 - "Office Online" "none" 2017-12-15 16:23:03 3 192.168.11.95 - - authentication_failed DENIED "O365_set2;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 489 178 - "Office Online" "none" 2017-12-15 16:23:04 35 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:23:04 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:23:04 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:23:04 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:23:04 1 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:04 2 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:04 4 172.23.8.8 v11013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:04 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 306 101 - "Office Online" "none" 2017-12-15 16:23:06 1 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:06 1 172.23.8.8 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:06 3 172.23.8.8 v11013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:06 1 172.23.8.208 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:06 2 172.23.8.208 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:06 4 172.23.8.208 bcpco001$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 762 - "none" "none" 2017-12-15 16:23:07 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:23:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:23:07 89 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:23:07 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:23:07 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:23:07 779 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:23:08 2 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2243f44253dc1622 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:08 2 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2243f44253dc1622 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:08 4 172.23.9.104 vt70120$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2243f44253dc1622 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:23:08 1 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp roaming.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:09 1 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0662192caaec75bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:09 2 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0662192caaec75bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:09 4 172.23.8.226 v05095$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0662192caaec75bb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:09 37 172.23.1.214 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:23:09 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:23:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:23:09 3 172.23.1.214 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:23:09 5 172.23.1.214 c1128 - policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:23:09 1 172.23.1.214 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:23:09 2 172.23.1.214 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:23:09 4 172.23.1.214 c1128 - policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:23:09 4 172.23.1.214 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1483 327 - "none" "none" 2017-12-15 16:23:09 2 172.23.1.214 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1683 416 - "none" "none" 2017-12-15 16:23:09 6 172.23.1.214 c1128 - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1106 976 - "none" "none" 2017-12-15 16:23:09 267856 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Shopping;Software Downloads" - 200 TCP_TUNNELED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 2305 4571 - "none" "none" 2017-12-15 16:23:10 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:23:10 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:23:10 5 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:23:10 662 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:23:11 1 172.23.9.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?54188df2847f6b35 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 2 172.23.9.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?54188df2847f6b35 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 4 172.23.9.224 vt100542$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?54188df2847f6b35 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 2 172.23.8.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 1 172.23.8.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 4 172.23.8.81 v10022$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 1 172.23.8.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 2 172.23.8.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 4 172.23.8.81 v10022$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:11 47 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp odc.officeapps.live.com 443 / - - - 172.16.1.188 306 83 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp odc.officeapps.live.com 443 / - - - 172.16.1.188 489 172 - "Office Online" "none" 2017-12-15 16:23:11 30 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 109 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 34 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 28 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 115 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 104 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 18 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 37 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 36 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 4 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 12 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 7 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 4 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 4 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 6 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:11 24 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 24 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 9 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 20 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 13 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 12 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 6 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 4 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 7 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 13 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:11 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:12 3 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 489 180 - "Office Online" "none" 2017-12-15 16:23:12 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 3 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 3 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 9 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 9 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d41ef9293937f03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d41ef9293937f03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 5 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8d41ef9293937f03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 3 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ea20ea9822f061f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ea20ea9822f061f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 4 172.23.8.5 v05150$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ea20ea9822f061f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:23:13 16 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1488 1472 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:23:13 3 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:23:13 20 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1011 2682 - "none" "none" 2017-12-15 16:23:13 1 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:13 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:13 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:13 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:23:14 47 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1069 103196 - "none" "none" 2017-12-15 16:23:14 25 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 94538 - "none" "none" 2017-12-15 16:23:15 36 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp shavar.services.mozilla.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 236 - "none" "none" 2017-12-15 16:23:15 2 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp shavar.services.mozilla.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 325 - "none" "none" 2017-12-15 16:23:15 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:15 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:15 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:23:15 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:23:15 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:15 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:15 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:23:15 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:23:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?962e19189ae61a3e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 1 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?962e19189ae61a3e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 5 172.23.8.248 v05105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?962e19189ae61a3e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 4 172.23.8.248 v05105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 1 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 2 172.23.8.248 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 3 172.23.8.248 v05105$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 108 172.23.8.210 - - authentication_failed DENIED "Business/Economy;Technology/Internet" - 407 TCP_DENIED GET - http scrootca1.ocsp.secomtrust.net 80 /MEowSDBGMEQwQjAJBgUrDgMCGgUABBToZI35nvnlbqQAOxgex2VgV2SjmAQUoHNJmWjchVtl45soL1efvTO8B0gCCRK5sPpy4NhIxg%3D%3D - - "Microsoft-CryptoAPI/6.3" 172.16.1.188 1600 410 - "none" "none" 2017-12-15 16:23:17 2 172.23.8.210 - - authentication_failed DENIED "Business/Economy;Technology/Internet" - 407 TCP_DENIED GET - http scrootca1.ocsp.secomtrust.net 80 /MEowSDBGMEQwQjAJBgUrDgMCGgUABBToZI35nvnlbqQAOxgex2VgV2SjmAQUoHNJmWjchVtl45soL1efvTO8B0gCCRK5sPpy4NhIxg%3D%3D - - "Microsoft-CryptoAPI/6.3" 172.16.1.188 1800 535 - "none" "none" 2017-12-15 16:23:17 5 172.23.8.210 2491 BKI\VIP_Int - OBSERVED "Business/Economy;Technology/Internet" - 200 TCP_HIT GET application/ocsp-response http scrootca1.ocsp.secomtrust.net 80 /MEowSDBGMEQwQjAJBgUrDgMCGgUABBToZI35nvnlbqQAOxgex2VgV2SjmAQUoHNJmWjchVtl45soL1efvTO8B0gCCRK5sPpy4NhIxg%3D%3D - - "Microsoft-CryptoAPI/6.3" 172.16.1.188 1869 1091 - "none" "none" 2017-12-15 16:23:17 2 172.23.8.210 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 1477 231 - "none" "none" 2017-12-15 16:23:17 2 172.23.8.210 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 1677 356 - "none" "none" 2017-12-15 16:23:17 4 172.23.8.210 2491 BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 304 TCP_HIT GET application/pkix-crl http pki.google.com 80 /GIAG2.crl - crl "Microsoft-CryptoAPI/6.3" 172.16.1.188 413 912 - "none" "none" 2017-12-15 16:23:17 1 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a851847682dfed9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 2 172.23.9.121 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a851847682dfed9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 5 172.23.9.121 v22003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9a851847682dfed9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 1 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6a0d13d1442ee7dd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 2 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6a0d13d1442ee7dd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 4 172.23.10.193 bcpmc001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6a0d13d1442ee7dd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:17 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:17 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:23:17 2 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:23:17 4 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:18 37 172.30.15.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 306 154 - "none" "none" 2017-12-15 16:23:18 2 172.30.15.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 489 243 - "none" "none" 2017-12-15 16:23:18 9 172.30.15.246 anonymous%20logon - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 184 307 - "none" "none" 2017-12-15 16:23:18 152 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:18 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 3 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 3 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:18 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 3 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 3 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 4 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:18 1 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:18 2 172.23.9.146 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:18 3 172.23.9.146 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 3 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 3 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 4 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 4 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 4 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 4 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 1 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:23:20 2 172.23.0.155 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:23:20 3 172.23.0.155 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:23:20 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:20 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:20 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:20 1 172.23.7.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2c196e610a8b0c19 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:20 2 172.23.7.255 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2c196e610a8b0c19 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:20 4 172.23.7.255 p02030$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2c196e610a8b0c19 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 2 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 4 172.23.7.19 v20081$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 1 172.23.7.19 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 4 172.23.7.19 v20081$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:21 35 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 306 81 - "none" "none" 2017-12-15 16:23:21 2 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 489 170 - "none" "none" 2017-12-15 16:23:21 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:21 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:21 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:23:21 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:23:21 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:21 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:21 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:23:21 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:23:22 109 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db910cc7cb739477 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 2 172.16.51.6 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db910cc7cb739477 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 5 172.16.51.6 pserver04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?db910cc7cb739477 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 1 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:22 1431 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Whitelist;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 3860 2780 - "none" "none" 2017-12-15 16:23:23 1 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?5dd81e3f3a4a76ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:23:23 2 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?5dd81e3f3a4a76ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:23:23 5 172.23.10.43 bcpcb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?5dd81e3f3a4a76ea cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:23:23 1 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e04a7c985aa2e697 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:23 3 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e04a7c985aa2e697 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:23 4 172.23.10.43 bcpcb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e04a7c985aa2e697 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 1 172.23.9.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?84ee5178862d57f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 2 172.23.9.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?84ee5178862d57f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 5 172.23.9.79 vt100528$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?84ee5178862d57f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 2 172.23.7.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a40df1d43d3ea0f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 2 172.23.7.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a40df1d43d3ea0f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:24 5 172.23.7.199 v16035$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7a40df1d43d3ea0f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:25 1 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:25 1 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:25 2 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:25 4 172.23.8.209 v05078$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:25 2 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2351 - "none" "none" 2017-12-15 16:23:25 2 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2351 - "none" "none" 2017-12-15 16:23:25 2 172.23.8.209 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:25 5 172.23.8.209 v05078$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3040 - "none" "none" 2017-12-15 16:23:26 1 172.23.0.108 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?27b0e8191b479888 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:26 2 172.23.0.108 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?27b0e8191b479888 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:26 5 172.23.0.108 trainee13$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?27b0e8191b479888 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:26 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25acffa17594c678 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:26 2 172.23.0.166 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25acffa17594c678 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:26 5 172.23.0.166 v07010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?25acffa17594c678 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 2 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?fed459ae3dbef3fc cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 2 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?fed459ae3dbef3fc cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 4 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?fed459ae3dbef3fc cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1172 908 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 1 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f6ca1644a3126916 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 3 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f6ca1644a3126916 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 4 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f6ca1644a3126916 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 1 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8df15bbef2824752 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 2 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8df15bbef2824752 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 4 172.23.9.63 vt100519$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8df15bbef2824752 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:27 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1202 790 - "none" "none" 2017-12-15 16:23:27 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1402 835 - "none" "none" 2017-12-15 16:23:27 31 172.20.2.39 webex BKI\VIP_Int - PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 200 TCP_NC_MISS POST text/plain;%20charset=utf-8 http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 2200 1439 - "none" "none" 2017-12-15 16:23:28 2 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 4 172.23.8.106 v10047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 1 172.23.8.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 4 172.23.8.106 v10047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 5 172.23.8.106 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:23:28 2 172.23.8.106 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:23:28 31 172.23.8.106 v10047$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27964 - "none" "none" 2017-12-15 16:23:28 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c7fabc6b43e63852 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:28 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c7fabc6b43e63852 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c7fabc6b43e63852 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 2 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?453d7f0af0e04ec0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 2 172.23.10.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?453d7f0af0e04ec0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 4 172.23.10.182 bcpbv004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?453d7f0af0e04ec0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 1 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:29 1 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:29 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:29 4 172.23.7.164 v11007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:29 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:29 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:29 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:29 6 172.23.7.164 v11007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:23:29 2 172.23.7.229 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44c4b5afc4e89cae cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 2 172.23.7.229 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44c4b5afc4e89cae cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:29 4 172.23.7.229 v16055$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44c4b5afc4e89cae cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 1 172.23.9.222 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3d899e8e2a2bd133 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 3 172.23.9.222 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3d899e8e2a2bd133 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 5 172.23.9.222 p07044$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3d899e8e2a2bd133 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 1 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 236 - "none" "none" 2017-12-15 16:23:30 2 172.19.2.51 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 325 - "none" "none" 2017-12-15 16:23:30 2 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9119a257fd068bba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 1 172.23.0.144 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?65e55b321b8eb677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 2 172.23.9.92 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9119a257fd068bba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 2 172.23.0.144 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?65e55b321b8eb677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 5 172.23.9.92 vt70112$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9119a257fd068bba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:23:30 4 172.23.0.144 lcstest12$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?65e55b321b8eb677 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 1 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f388bc1188a0c59c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 1 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?71b24db537deb750 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 2 172.23.9.23 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?71b24db537deb750 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 4 172.23.9.23 v05135$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?71b24db537deb750 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 2 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f388bc1188a0c59c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 4 172.23.1.241 v21017$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f388bc1188a0c59c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:31 3 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:23:32 1 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:23:32 2 172.23.5.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:23:32 17 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:23:32 1 172.23.5.103 v17042$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:23:32 30617 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Internet Telephony;Chat (IM)/SMS" - 200 TCP_TUNNELED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 8755 26858 - "Lync Online" "none" 2017-12-15 16:23:33 2 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13ad35c99c33beb2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 2 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13ad35c99c33beb2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 5 172.23.7.221 v10011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?13ad35c99c33beb2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 1 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4eaa55f5296047e1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4eaa55f5296047e1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 4 172.23.7.65 v20114$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4eaa55f5296047e1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 62263 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "Whitelist;o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 6129 1767 - "Office Online" "none" 2017-12-15 16:23:33 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 306 97 - "Office Online" "none" 2017-12-15 16:23:33 2 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:33 1 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:33 2 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 489 186 - "Office Online" "none" 2017-12-15 16:23:33 2 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:33 4 172.23.10.36 v11046$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:33 2 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:33 2 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:33 2 172.23.10.36 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:33 5 172.23.10.36 v11046$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:23:33 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?313b1829b9f4879f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?313b1829b9f4879f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 5 172.23.0.154 lcstest19$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?313b1829b9f4879f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:33 94 172.23.7.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:23:33 35 172.23.7.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:23:33 5 172.23.7.251 p02036$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:23:33 1 172.23.7.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:23:33 3 172.23.7.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:23:33 4 172.23.7.251 p02036$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:23:35 1 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 1 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.9.22 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.9.22 v05149$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 5 172.23.9.22 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:23:35 2 172.23.9.22 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:23:35 17 172.23.9.22 v05149$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:23:35 2 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efb263547521344a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efb263547521344a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.0.147 lcstest13$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?efb263547521344a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.7.47 v18010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 1 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.7.47 v18010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.7.47 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27460 - "none" "none" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:23:35 32 172.23.7.47 v18010$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 28149 - "none" "none" 2017-12-15 16:23:35 369 192.168.11.95 - - authentication_failed DENIED "o356;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp roaming.officeapps.live.com 443 / - - - 172.16.1.188 306 91 - "Office Online" "none" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.7.47 v18010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 1 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 2 172.23.7.47 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:35 4 172.23.7.47 v18010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:36 41 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 306 166 - "Lync Online" "none" 2017-12-15 16:23:36 3 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp pipe.skype.com 443 / - - "WinINet HttpStack/14" 172.16.1.188 489 255 - "Lync Online" "none" 2017-12-15 16:23:36 35 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 306 154 - "none" "none" 2017-12-15 16:23:36 2 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 489 243 - "none" "none" 2017-12-15 16:23:36 6 172.30.32.246 anonymous%20logon - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 184 311 - "none" "none" 2017-12-15 16:23:36 1 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 306 154 - "none" "none" 2017-12-15 16:23:36 3 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 489 243 - "none" "none" 2017-12-15 16:23:36 10 172.30.32.246 anonymous%20logon - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 184 311 - "none" "none" 2017-12-15 16:23:37 1 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 306 154 - "none" "none" 2017-12-15 16:23:37 2 172.30.32.246 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 489 243 - "none" "none" 2017-12-15 16:23:37 6 172.30.32.246 anonymous%20logon - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - "Iron" 172.16.1.188 184 311 - "none" "none" 2017-12-15 16:23:37 2 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:37 2 172.23.5.103 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:37 4 172.23.5.103 v17042$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:23:38 276 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9f44667a8ddff6d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 164 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:38 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:38 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:23:38 3 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9f44667a8ddff6d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 4 172.23.0.78 v20134$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9f44667a8ddff6d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 16 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:23:38 33 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:38 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:23:38 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:23:38 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:23:38 1 172.23.10.30 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45e8dbd769a07a3f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 2 172.23.10.30 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45e8dbd769a07a3f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 4 172.23.10.30 bcpmc008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?45e8dbd769a07a3f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 1 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce130e1d17e67326 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 2 172.23.10.171 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce130e1d17e67326 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 3 172.23.10.171 bcpat010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ce130e1d17e67326 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 2 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9066d1b63b59cdbc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 2 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9066d1b63b59cdbc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:38 6 172.23.0.107 trainee11$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9066d1b63b59cdbc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 2 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5c4c9f6aae008a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 2 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5c4c9f6aae008a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 5 172.23.8.226 v05095$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c5c4c9f6aae008a6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 1100566 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Content Servers" - 200 TCP_TUNNELED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 3123963 27037 - "YouTube" "none" 2017-12-15 16:23:39 39 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 204 - "YouTube" "none" 2017-12-15 16:23:39 2 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 204 - "YouTube" "none" 2017-12-15 16:23:39 3 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 293 - "YouTube" "none" 2017-12-15 16:23:39 3 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 293 - "YouTube" "none" 2017-12-15 16:23:39 2 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28441c81d6afe902 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 2 172.23.8.208 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28441c81d6afe902 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 4 172.23.8.208 bcpco001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28441c81d6afe902 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:39 122 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Content Servers" - 200 TCP_TUNNELED CONNECT - tcp i.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 252 1613 - "YouTube" "none" 2017-12-15 16:23:40 2 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b634a983e35d2534 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:40 2 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b634a983e35d2534 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:40 5 172.23.9.117 v20123$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b634a983e35d2534 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 4 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dc4d2ebb5aaf2a2d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 2 172.23.8.127 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dc4d2ebb5aaf2a2d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 4 172.23.8.127 v10-mc04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?dc4d2ebb5aaf2a2d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4ae6d774e7c1e95 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 3 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4ae6d774e7c1e95 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 4 172.23.9.218 p18006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e4ae6d774e7c1e95 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:23:41 1 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:23:41 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:23:41 5 172.23.9.218 p18006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:23:41 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:23:41 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:23:41 4 172.23.9.218 p18006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:23:42 3 172.19.2.51 - - authentication_failed DENIED "Shopping;Software Downloads" - 407 TCP_DENIED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 212 - "none" "none" 2017-12-15 16:23:42 2 172.19.2.51 - - authentication_failed DENIED "Shopping;Software Downloads" - 407 TCP_DENIED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 301 - "none" "none" 2017-12-15 16:23:43 3 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052711acaac31569 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 2 172.23.9.105 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052711acaac31569 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 4 172.23.9.105 vt100533$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052711acaac31569 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 533063 172.23.5.76 4048 BKI\Internet%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 1646 3999 - "none" "none" 2017-12-15 16:23:43 40 172.23.5.76 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 232 - "none" "none" 2017-12-15 16:23:43 8 172.23.5.76 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp clients2.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 321 - "none" "none" 2017-12-15 16:23:43 1 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d21f8e2c16cc9c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d21f8e2c16cc9c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d21f8e2c16cc9c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:43 1799941 172.23.5.76 4048 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 5073 2915 - "none" "none" 2017-12-15 16:23:43 39 172.23.5.76 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp www.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 230 - "none" "none" 2017-12-15 16:23:43 3 172.23.5.76 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp www.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 319 - "none" "none" 2017-12-15 16:23:43 110089 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 18096 13320 - "Office 365 Exchange" "none" 2017-12-15 16:23:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:44 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:23:44 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:23:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:23:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:23:44 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:23:45 4 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 32 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151623 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:23:45 1 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7e6de143d3c0601 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7e6de143d3c0601 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7e6de143d3c0601 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:45 48 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:23:45 1 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:23:45 2 172.23.5.55 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:23:45 4 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:23:45 1 172.23.5.55 v13026$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151623 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:23:45 49 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1481 1472 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:23:45 2 172.23.8.107 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:23:46 12 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1004 2682 - "none" "none" 2017-12-15 16:23:46 49 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1079 103196 - "none" "none" 2017-12-15 16:23:46 23 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 89369 - "none" "none" 2017-12-15 16:23:46 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:46 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:23:46 2 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:23:46 4 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:23:47 1 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:47 1 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:47 2 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:47 4 172.23.10.148 bcpab006$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:23:47 2 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:23:47 2 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2431 - "none" "none" 2017-12-15 16:23:47 2 172.23.10.148 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:47 5 172.23.10.148 bcpab006$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3132 - "none" "none" 2017-12-15 16:23:47 1 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3a36de72f6879ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:47 2 172.23.9.102 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3a36de72f6879ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:47 4 172.23.9.102 vt100532$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3a36de72f6879ba cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:47 2 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c42bec1ee0413845 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:47 2 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c42bec1ee0413845 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:47 4 172.23.10.193 bcpmc001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c42bec1ee0413845 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:23:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:23:48 1 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 2 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 4 172.23.10.138 v11054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 1 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 1 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 3 172.23.10.138 v11054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 1 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 2 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 4 172.23.10.138 v11054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 2 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 2 172.23.10.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 4 172.23.10.138 v11054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:48 97 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:23:48 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:23:48 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:23:48 757 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:23:49 2 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f37353201f9c5ae2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 2 172.23.7.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f37353201f9c5ae2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 4 172.23.7.151 v05032$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f37353201f9c5ae2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 1 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1723b917da670261 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 2 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1723b917da670261 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 4 172.23.9.146 v10056$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1723b917da670261 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?ca59ad2c9be7adcf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 119918 172.20.0.161 3849 BKI\Dept_Motor%20Claim%20Department%20Group - PROXIED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp bki.eunite.net 443 / - - "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 3757 1896 - "none" "none" 2017-12-15 16:23:49 3 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?ca59ad2c9be7adcf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 5 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?ca59ad2c9be7adcf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 1 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0688e7c90419d133 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0688e7c90419d133 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:49 4 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0688e7c90419d133 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:50 299984 172.18.57.135 2052 BKI\VIP_Int - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 801 2379 - "none" "none" 2017-12-15 16:23:50 2 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:23:50 1 172.23.8.107 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:50 5 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 765 - "none" "none" 2017-12-15 16:23:50 3 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 329 - "none" "none" 2017-12-15 16:23:50 2 172.23.8.107 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:50 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:23:51 38 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 37 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 38 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 39 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 38 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 38 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp fonts.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:23:51 39 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:23:51 39 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:23:51 40 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:23:51 41 172.18.57.135 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:23:51 41 172.18.57.135 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fonts.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 234 - "none" "none" 2017-12-15 16:23:51 1796994 172.18.57.135 2052 BKI\VIP_Int - OBSERVED "File Storage/Sharing" - 200 TCP_TUNNELED CONNECT - tcp drive.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 157421 5705 - "Google Docs" "none" 2017-12-15 16:23:51 38 172.18.57.135 - - authentication_failed DENIED "File Storage/Sharing" - 407 TCP_DENIED CONNECT - tcp drive.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 226 - "Google Docs" "none" 2017-12-15 16:23:51 4 172.18.57.135 - - authentication_failed DENIED "File Storage/Sharing" - 407 TCP_DENIED CONNECT - tcp drive.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 767 - "Google Docs" "none" 2017-12-15 16:23:51 4 172.18.57.135 - - authentication_failed DENIED "File Storage/Sharing" - 407 TCP_DENIED CONNECT - tcp drive.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 331 - "Google Docs" "none" 2017-12-15 16:23:51 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:23:51 2 172.23.5.55 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:23:51 4 172.23.5.55 v13026$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:23:51 1 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:51 1 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:52 2 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:52 20 172.23.5.71 v13030$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:52 6 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:23:52 6 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:23:52 2 172.23.5.71 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:52 6 172.23.5.71 v13030$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23904 - "none" "none" 2017-12-15 16:23:52 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 5 172.23.0.135 lcstest04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 1 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 5 172.23.0.135 lcstest04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 1 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4a11c771498fdec6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 2 172.23.10.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4a11c771498fdec6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:52 5 172.23.10.64 bcpmc011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4a11c771498fdec6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:53 41 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:23:53 5 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:55 1 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:55 1 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:55 4 172.23.6.168 v15063$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:55 5 172.23.6.168 v15063$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:23:55 1 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 1 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 4 172.23.6.168 v15063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 2 172.23.6.168 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:23:55 5 172.23.6.168 v15063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 1 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:56 1 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:56 5 172.23.6.151 v06004$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:23:56 3 172.23.6.151 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:56 5 172.23.6.151 v06004$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3136 - "none" "none" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 1 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 5 172.23.6.151 v06004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 3 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2446 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 2 172.23.6.151 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 5 172.23.6.151 v06004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3135 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1aa8a11aa0f03f9a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1aa8a11aa0f03f9a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:56 4 172.23.0.135 lcstest04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1aa8a11aa0f03f9a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:57 1 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e9c7e312e47491f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:57 2 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e9c7e312e47491f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:57 5 172.23.9.63 vt100519$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7e9c7e312e47491f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 4448 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1566 3077 - "Facebook" "none" 2017-12-15 16:23:58 1 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:58 1 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:58 5 172.23.9.69 vt100522$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:23:58 3 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:58 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16f5401bb85fdf86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 6 172.23.9.69 vt100522$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3150 - "none" "none" 2017-12-15 16:23:58 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16f5401bb85fdf86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?16f5401bb85fdf86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 3 172.23.9.69 vt100522$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.9.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 5 172.23.9.69 vt100522$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3148 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:58 1 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:23:58 4 172.23.4.1 v06001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:23:58 3 172.23.4.1 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:23:58 4 172.23.4.1 v06001$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:23:58 1 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 4 172.23.4.1 v06001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 3 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 5 172.23.4.1 v06001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 1 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eeb7a9b77f00076a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 2 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eeb7a9b77f00076a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:58 4 172.23.0.141 lcstest09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eeb7a9b77f00076a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:23:59 1 172.23.10.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57d933eeaae9cad8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:23:59 2 172.23.10.194 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57d933eeaae9cad8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:23:59 4 172.23.10.194 bcpmc004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57d933eeaae9cad8 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:23:59 1942673 172.23.5.159 1796 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 2577 3490 - "none" "none" 2017-12-15 16:24:00 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2691595cf6e49725 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 3 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2691595cf6e49725 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2691595cf6e49725 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:00 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:00 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:00 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:00 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:00 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:00 3 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 15910 - "none" "none" 2017-12-15 16:24:00 16 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:00 29 172.23.9.221 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 462 - "none" "none" 2017-12-15 16:24:00 31 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:00 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 123 172.23.9.221 p19030$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 690 16587 - "none" "none" 2017-12-15 16:24:00 1 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fc8332ba188092cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 112 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 5 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 3 172.23.10.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fc8332ba188092cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:00 5 172.23.10.154 bcpab008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fc8332ba188092cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:01 1 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:01 1 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:01 1 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:01 13 172.23.8.184 v05055$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:01 2 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:01 2 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:01 2 172.23.8.184 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:01 6 172.23.8.184 v05055$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:24:01 5 172.23.8.184 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:24:01 2 172.23.8.184 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:24:01 30 172.23.8.184 v05055$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27964 - "none" "none" 2017-12-15 16:24:02 1 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:02 3 172.23.8.186 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:02 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:02 1 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:02 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:02 4 172.23.8.186 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:02 1 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:02 3 172.23.8.186 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:02 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:02 4 172.23.8.186 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:03 91 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f8ae76dae61cd780 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:03 2 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f8ae76dae61cd780 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:03 4 172.23.7.221 v10011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f8ae76dae61cd780 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:03 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7ccae4bd1fa99911 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:03 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7ccae4bd1fa99911 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:03 4 172.23.0.154 lcstest19$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7ccae4bd1fa99911 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bc48991cb756d94d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bc48991cb756d94d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 5 172.23.7.65 v20114$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bc48991cb756d94d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 2 172.23.4.154 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 306 99 - "Office Online" "none" 2017-12-15 16:24:04 1 172.23.4.154 - - authentication_failed DENIED "Whitelist;o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 489 188 - "Office Online" "none" 2017-12-15 16:24:04 3 172.23.4.154 v16003$ - policy_denied DENIED "Whitelist;o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp client-office365-tas.msedge.net 443 / - - - 172.16.1.188 184 752 - "Office Online" "none" 2017-12-15 16:24:04 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:04 1 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:04 2 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:04 3 172.23.4.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:04 1 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:04 1 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:04 3 172.23.4.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:04 2 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:04 2 172.23.4.182 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:04 3 172.23.4.182 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:05 1 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b01a60358ddef18d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b01a60358ddef18d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 4 172.23.0.147 lcstest13$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b01a60358ddef18d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 3 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 3 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 1 172.23.8.215 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?361d2bf4fe76a36f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.8.215 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?361d2bf4fe76a36f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 5 172.23.8.215 v05084$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?361d2bf4fe76a36f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 1 172.23.8.215 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5c0ddba0ea925f69 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.8.215 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5c0ddba0ea925f69 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 4 172.23.8.215 v05084$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5c0ddba0ea925f69 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 1 172.23.8.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d0d92f8eb1d2362e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.8.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d0d92f8eb1d2362e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 4 172.23.8.251 v05112$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d0d92f8eb1d2362e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 1 172.23.8.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d5798ae0619ad1e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 2 172.23.8.251 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d5798ae0619ad1e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:05 4 172.23.8.251 v05112$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d5798ae0619ad1e7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 2 172.23.7.156 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?811b57bcb0fff530 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 3 172.23.7.156 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?811b57bcb0fff530 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 4 172.23.7.156 v05035$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?811b57bcb0fff530 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:06 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:06 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:06 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:06 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:06 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:06 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:06 5 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:06 2 172.18.35.195 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:24:06 1 172.18.35.195 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:24:06 90 172.18.35.195 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1483 327 - "none" "none" 2017-12-15 16:24:06 1 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ff3711162d19210 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 2 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ff3711162d19210 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:06 5 172.23.7.160 v05037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6ff3711162d19210 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:24:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:24:07 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9351fb1b96efff81 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9351fb1b96efff81 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 3 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9351fb1b96efff81 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:07 154 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:24:07 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:24:07 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:24:07 789 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:24:08 2 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffeea0bb6bc614fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 2 172.23.9.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffeea0bb6bc614fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 4 172.23.9.104 vt70120$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffeea0bb6bc614fa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 2 172.23.10.71 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fcce71751b437705 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 2 172.23.10.71 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fcce71751b437705 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 5 172.23.10.71 bcpcb003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fcce71751b437705 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 1 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a9abf53b1a1daeb0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 2 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a9abf53b1a1daeb0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:08 5 172.23.0.107 trainee11$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a9abf53b1a1daeb0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 2 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9497eb3875421910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 2 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9497eb3875421910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 4 172.23.0.78 v20134$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?9497eb3875421910 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 5 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:09 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:24:09 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:24:10 1 172.23.10.25 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?34b67ffb084044aa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 2 172.23.10.25 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?34b67ffb084044aa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 5 172.23.10.25 bcpto004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?34b67ffb084044aa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 94 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:24:10 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:24:10 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:24:10 767 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:24:10 1 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:10 1 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:10 1 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:10 4 172.23.6.112 v15027$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:10 5 172.23.6.112 v15027$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:24:10 1 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 1 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 4 172.23.6.112 v15027$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 3 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 2 172.23.6.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:24:10 5 172.23.6.112 v15027$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 2 172.23.8.141 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:24:11 434310 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips;Content Servers" - 200 TCP_TUNNELED CONNECT - tcp i1.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 11008 2164 - "YouTube" "none" 2017-12-15 16:24:11 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips;Content Servers" - 407 TCP_DENIED CONNECT - tcp i1.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 206 - "YouTube" "none" 2017-12-15 16:24:11 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips;Content Servers" - 407 TCP_DENIED CONNECT - tcp i1.ytimg.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 295 - "YouTube" "none" 2017-12-15 16:24:11 691817 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp securepubads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 758 2738 - "none" "none" 2017-12-15 16:24:11 27 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:24:11 39 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:24:11 39 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:24:11 26 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:24:11 5 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:24:11 5 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:24:11 5 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:24:11 6 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:24:11 44 172.20.0.221 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp securepubads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 242 - "none" "none" 2017-12-15 16:24:11 1 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cf5463bbb83cefce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 60 172.20.0.221 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp securepubads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 331 - "none" "none" 2017-12-15 16:24:11 2 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cf5463bbb83cefce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 5 172.23.9.117 v20123$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cf5463bbb83cefce cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 44 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 246 - "YouTube" "none" 2017-12-15 16:24:11 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 335 - "YouTube" "none" 2017-12-15 16:24:11 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 246 - "YouTube" "none" 2017-12-15 16:24:11 1 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 246 - "YouTube" "none" 2017-12-15 16:24:11 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 335 - "YouTube" "none" 2017-12-15 16:24:11 366070 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp www.googleadservices.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 1771 2760 - "none" "none" 2017-12-15 16:24:11 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd02f693e965a992 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd02f693e965a992 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 5 172.23.9.218 p18006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cd02f693e965a992 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:24:11 367164 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 17225 4571 - "none" "none" 2017-12-15 16:24:11 365693 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Content Servers" - 200 TCP_TUNNELED CONNECT - tcp yt3.ggpht.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 7506 2446 - "none" "none" 2017-12-15 16:24:11 41 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp yt3.ggpht.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 208 - "none" "none" 2017-12-15 16:24:11 46 172.20.0.221 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 236 - "none" "none" 2017-12-15 16:24:11 3 172.20.0.221 - - authentication_failed DENIED "Content Servers" - 407 TCP_DENIED CONNECT - tcp yt3.ggpht.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 297 - "none" "none" 2017-12-15 16:24:11 3 172.20.0.221 - - authentication_failed DENIED "Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 325 - "none" "none" 2017-12-15 16:24:12 280 172.20.0.221 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp www.googleadservices.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 230 - "none" "none" 2017-12-15 16:24:12 2 172.20.0.221 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp www.googleadservices.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 319 - "none" "none" 2017-12-15 16:24:12 435375 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp www.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 3136 5077 - "none" "none" 2017-12-15 16:24:12 39 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 210 - "none" "none" 2017-12-15 16:24:12 2 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 299 - "none" "none" 2017-12-15 16:24:12 1 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae182b2142b9916e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:12 2 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae182b2142b9916e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:12 4 172.23.0.164 v07004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae182b2142b9916e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:12 366269 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 977 3445 - "none" "none" 2017-12-15 16:24:12 40 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 214 - "none" "none" 2017-12-15 16:24:12 2 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 214 - "none" "none" 2017-12-15 16:24:12 2 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 303 - "none" "none" 2017-12-15 16:24:12 3 172.20.0.221 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 303 - "none" "none" 2017-12-15 16:24:12 101 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp www.google.co.th 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 252 1628 - "none" "none" 2017-12-15 16:24:13 37 172.18.123.12 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp safebrowsing.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 172.16.1.188 306 223 - "none" "none" 2017-12-15 16:24:13 2 172.18.123.12 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp safebrowsing.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 172.16.1.188 489 312 - "none" "none" 2017-12-15 16:24:14 39 172.18.123.12 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp safebrowsing-cache.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:24:14 2 172.18.123.12 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp safebrowsing-cache.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:24:14 1 172.23.7.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 3 172.23.7.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 3 172.23.7.164 v11007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 1 172.23.7.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 1 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:24:14 2 172.23.7.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 4 172.23.7.164 v11007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 5 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:24:14 3 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:24:14 1 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:14 1 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3bb497346ebb1474 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 3 172.23.8.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3bb497346ebb1474 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:14 4 172.23.8.5 v05150$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3bb497346ebb1474 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:15 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:15 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:15 4 172.23.7.164 v11007$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:15 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7bfad6257f89c55c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:15 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7bfad6257f89c55c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:15 4 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7bfad6257f89c55c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:15 1 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:24:15 2 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:24:15 24 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1489 1472 - "none" "none" 2017-12-15 16:24:15 1 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:24:15 2 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:24:15 2 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:24:15 18 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1004 2682 - "none" "none" 2017-12-15 16:24:16 1 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 2 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 4 172.23.6.193 v20012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 1 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 1 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 3 172.23.6.193 v20012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:16 66 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1082 103196 - "none" "none" 2017-12-15 16:24:16 34 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1084 102385 - "none" "none" 2017-12-15 16:24:17 2 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d573f4c67f5fac6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 2 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d573f4c67f5fac6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 4 172.23.7.247 v16072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?d573f4c67f5fac6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 1 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30880faa312f45f5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 2 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30880faa312f45f5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 4 172.23.7.247 v16072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30880faa312f45f5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:17 61861 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp shavar.services.mozilla.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 3435 2135 - "none" "none" 2017-12-15 16:24:18 37 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-qxo7rn7s.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 246 - "YouTube" "none" 2017-12-15 16:24:18 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r2---sn-qxo7rn7s.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 335 - "YouTube" "none" 2017-12-15 16:24:18 1 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:18 2 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:18 3 172.23.7.193 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:18 1 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:18 2 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:18 3 172.23.7.193 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:18 1 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:18 2 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:18 3 172.23.7.193 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:18 2 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:18 1 172.23.7.193 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:18 5 172.23.7.193 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:18 1 172.23.9.93 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 3 172.23.9.93 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 2 172.23.9.93 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 1 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:24:18 2 172.23.9.93 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 3 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:24:18 5 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:24:18 26 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151624 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 929 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:19 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 734 - "none" "none" 2017-12-15 16:24:19 1 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80b08674fe8c0012 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:19 3 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80b08674fe8c0012 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:19 4 172.23.9.146 v10056$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?80b08674fe8c0012 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:19 7 172.23.8.107 v10046$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:24:19 1 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 1 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 784 - "none" "none" 2017-12-15 16:24:19 2 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:24:19 3 172.23.1.213 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:19 1 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 23 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1487 1477 - "none" "none" 2017-12-15 16:24:19 2 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 3 172.23.1.213 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:19 1 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:24:19 1 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 1 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 3 172.23.1.213 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:19 16 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1012 2686 - "none" "none" 2017-12-15 16:24:19 1 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 2 172.23.1.213 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 4 172.23.1.213 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:19 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 748 - "none" "none" 2017-12-15 16:24:19 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:19 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:19 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 748 - "none" "none" 2017-12-15 16:24:20 299821 172.23.8.14 1126 BKI\VIP_Int - OBSERVED "File Storage/Sharing;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp docs.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 3293 2686 - "Google Docs" "none" 2017-12-15 16:24:20 2 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eec42b664962779c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:20 2 172.23.4.1 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eec42b664962779c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:20 4 172.23.4.1 v06001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eec42b664962779c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:20 299843 172.23.8.14 1126 BKI\VIP_Int - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 801 2286 - "none" "none" 2017-12-15 16:24:20 1 172.23.8.14 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "none" "none" 2017-12-15 16:24:20 7 172.23.8.14 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp ssl.gstatic.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 313 - "none" "none" 2017-12-15 16:24:20 168 172.23.8.14 - - authentication_failed DENIED "File Storage/Sharing;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp docs.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 224 - "Google Docs" "none" 2017-12-15 16:24:20 6 172.23.8.14 - - authentication_failed DENIED "File Storage/Sharing;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp docs.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 313 - "Google Docs" "none" 2017-12-15 16:24:20 56 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1080 103594 - "none" "none" 2017-12-15 16:24:20 34 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1078 88775 - "none" "none" 2017-12-15 16:24:20 1 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:24:20 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:24:20 4 172.23.7.164 v11007$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:24:21 2765 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-qxo7rn7s.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 11287 2292 - "YouTube" "none" 2017-12-15 16:24:21 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 4 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 4 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:21 4 172.23.8.175 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:24:21 2 172.23.8.175 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:24:21 9 172.23.8.175 v08014$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:24:21 109 172.23.9.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f29a6de9749479f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 2 172.23.9.81 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f29a6de9749479f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 5 172.23.9.81 vt100527$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7f29a6de9749479f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 1 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 4 172.23.8.112 v10052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 1 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 4 172.23.8.112 v10052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:22 37 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:22 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:22 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:22 3 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:22 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:22 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:22 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:22 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:22 2 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:22 3 172.23.9.49 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:22 2 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:22 4 172.23.9.49 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:22 2 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:22 3 172.23.9.49 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:22 2 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:22 3 172.23.9.49 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:22 1 172.23.9.49 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:22 3 172.23.9.49 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:23 2 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0ff492fe698c7fcc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 2 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0ff492fe698c7fcc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 4 172.23.10.43 bcpcb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?0ff492fe698c7fcc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 1 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf351fb7746543a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 2 172.23.10.43 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf351fb7746543a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 5 172.23.10.43 bcpcb002$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?abf351fb7746543a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:23 175 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:23 1 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:23 2 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:23 4 172.23.8.83 v10021$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:23 2 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:24:23 2 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2447 - "none" "none" 2017-12-15 16:24:23 2 172.23.8.83 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:23 5 172.23.8.83 v10021$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3136 - "none" "none" 2017-12-15 16:24:24 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:24:24 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:24:24 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 754 - "none" "none" 2017-12-15 16:24:24 1 172.23.7.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0efb80e2baacd9f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:24 2 172.23.7.199 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0efb80e2baacd9f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:24 4 172.23.7.199 v16035$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0efb80e2baacd9f2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:24 2 172.23.8.107 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:24:24 2 172.23.8.107 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:24:24 5 172.23.8.107 v10046$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:24:24 1 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:24:24 2 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 489 268 - "none" "none" 2017-12-15 16:24:27 1 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6b706a6e51bf42d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 3 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6b706a6e51bf42d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 5 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?6b706a6e51bf42d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1172 908 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 1 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c8a233fda256c70d cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 2 172.23.1.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c8a233fda256c70d cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 5 172.23.1.231 v24300$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c8a233fda256c70d cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:27 1 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:27 2 172.23.8.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:27 3 172.23.8.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:28 1 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6766f2db01237c06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 3 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6766f2db01237c06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 4 172.23.0.135 lcstest04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6766f2db01237c06 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5f92a9f356a83ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5f92a9f356a83ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 5 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f5f92a9f356a83ff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 1 172.23.9.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4086cc1db85b7599 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 2 172.23.9.33 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4086cc1db85b7599 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 4 172.23.9.33 v05145$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?4086cc1db85b7599 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:28 97143 192.168.11.95 4060 BKI\Information%20Technology%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp autodiscover.bangkokinsurance.com 443 / - - - 172.16.1.188 5639 3399 - "none" "none" 2017-12-15 16:24:28 110442 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6554 4936 - "Office 365 Exchange" "none" 2017-12-15 16:24:28 77144 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp odc.officeapps.live.com 443 / - - - 172.16.1.188 12711 3183 - "Office Online" "none" 2017-12-15 16:24:28 76993 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 8540 1920 - "Office Online" "none" 2017-12-15 16:24:28 76888 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4903 2037 - "Office Online" "none" 2017-12-15 16:24:28 76856 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2002 1632 - "Office Online" "none" 2017-12-15 16:24:28 76848 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2386 1632 - "Office Online" "none" 2017-12-15 16:24:28 76888 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4151 2037 - "Office Online" "none" 2017-12-15 16:24:28 76948 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 7916 1920 - "Office Online" "none" 2017-12-15 16:24:28 76951 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 7580 1920 - "Office Online" "none" 2017-12-15 16:24:28 76912 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 7628 1920 - "Office Online" "none" 2017-12-15 16:24:28 76982 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 7628 1920 - "Office Online" "none" 2017-12-15 16:24:28 76890 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4151 2037 - "Office Online" "none" 2017-12-15 16:24:28 76858 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2002 1632 - "Office Online" "none" 2017-12-15 16:24:28 77031 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 9889 2325 - "Office Online" "none" 2017-12-15 16:24:28 76952 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 7916 1920 - "Office Online" "none" 2017-12-15 16:24:28 76891 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4359 2037 - "Office Online" "none" 2017-12-15 16:24:28 76914 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 8172 1920 - "Office Online" "none" 2017-12-15 16:24:28 76859 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4359 2037 - "Office Online" "none" 2017-12-15 16:24:28 76998 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 9329 2373 - "Office Online" "none" 2017-12-15 16:24:28 76643 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2050 1632 - "Office Online" "none" 2017-12-15 16:24:28 77034 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 12790 2730 - "Office Online" "none" 2017-12-15 16:24:28 77017 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 9857 2325 - "Office Online" "none" 2017-12-15 16:24:28 76643 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2594 1632 - "Office Online" "none" 2017-12-15 16:24:28 77034 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 13777 2357 - "Office Online" "none" 2017-12-15 16:24:28 84965 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "O365_set2;o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 27806 1592 - "Office Online" "none" 2017-12-15 16:24:28 76828 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2050 1632 - "Office Online" "none" 2017-12-15 16:24:28 76994 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 10273 2325 - "Office Online" "none" 2017-12-15 16:24:28 76881 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4695 2037 - "Office Online" "none" 2017-12-15 16:24:28 76705 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2594 1632 - "Office Online" "none" 2017-12-15 16:24:28 84967 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "O365_set2;o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp templateservice.office.com 443 / - - - 172.16.1.188 27806 1592 - "Office Online" "none" 2017-12-15 16:24:28 76864 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4727 2037 - "Office Online" "none" 2017-12-15 16:24:28 76866 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 4407 2037 - "Office Online" "none" 2017-12-15 16:24:28 76651 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp cdn.odc.officeapps.live.com 443 / - - - 172.16.1.188 2002 1632 - "Office Online" "none" 2017-12-15 16:24:28 95830 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 47724 1935 - "Office Online" "none" 2017-12-15 16:24:28 95753 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 42812 2340 - "Office Online" "none" 2017-12-15 16:24:28 95832 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 67174 2340 - "Office Online" "none" 2017-12-15 16:24:28 95829 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 24887 2340 - "Office Online" "none" 2017-12-15 16:24:28 95736 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 87531 2340 - "Office Online" "none" 2017-12-15 16:24:28 95834 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 43724 2745 - "Office Online" "none" 2017-12-15 16:24:28 95836 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 68278 2745 - "Office Online" "none" 2017-12-15 16:24:28 95757 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 38892 1935 - "Office Online" "none" 2017-12-15 16:24:28 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:28 95775 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 74059 2340 - "Office Online" "none" 2017-12-15 16:24:28 95943 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 7855 5335 - "Office Online" "none" 2017-12-15 16:24:28 95944 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp ocws.officeapps.live.com 443 / - - - 172.16.1.188 6762 3234 - "Office Online" "none" 2017-12-15 16:24:28 95834 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 83499 2340 - "Office Online" "none" 2017-12-15 16:24:28 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:28 95834 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp omextemplates.content.office.net 443 / - - - 172.16.1.188 73894 2340 - "Office Online" "none" 2017-12-15 16:24:28 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:28 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:28 109893 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp login.windows.net 443 / - - - 172.16.1.188 14659 4483 - "Office Online" "none" 2017-12-15 16:24:28 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:28 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:28 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:28 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:29 17751 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 190 1649 - "YouTube" "none" 2017-12-15 16:24:29 1 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?463224f577e755a1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 3 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?463224f577e755a1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 4 172.23.0.141 lcstest09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?463224f577e755a1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 2 172.23.9.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a8090d64e1cd7a99 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 2 172.23.9.36 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a8090d64e1cd7a99 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 5 172.23.9.36 v05142$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a8090d64e1cd7a99 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?adfa5c93b93ae68c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?adfa5c93b93ae68c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 5 172.23.6.224 v17063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?adfa5c93b93ae68c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 1 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052e440bb2bfc34f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 2 172.23.6.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052e440bb2bfc34f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:29 4 172.23.6.224 v17063$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?052e440bb2bfc34f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 1 172.23.8.246 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?76d8eb4694fa98cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 3 172.23.8.246 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?76d8eb4694fa98cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 4 172.23.8.246 v05104$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?76d8eb4694fa98cf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 160925 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 8648 3720 - "Office 365 Exchange" "none" 2017-12-15 16:24:30 156530 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 5845 2462 - "Office 365 Exchange" "none" 2017-12-15 16:24:30 1 172.23.8.205 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f082f48f0f22312c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 2 172.23.8.205 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f082f48f0f22312c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 5 172.23.8.205 v05073$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f082f48f0f22312c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 1 172.23.7.229 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a50dbcfc4cfc8d86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 2 172.23.7.229 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a50dbcfc4cfc8d86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:30 4 172.23.7.229 v16055$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a50dbcfc4cfc8d86 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:31 1 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:31 115 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:31 4 172.23.8.38 v11044$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 1 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?804ae9d085f10969 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 2 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?804ae9d085f10969 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 5 172.23.0.140 lcstest10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?804ae9d085f10969 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 2 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 5 10.250.81.2 v1-dr014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 1 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 2 10.250.81.2 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 4 10.250.81.2 v1-dr014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:24:32 5 10.250.81.2 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 23796 - "none" "none" 2017-12-15 16:24:32 2 10.250.81.2 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:24:32 10 10.250.81.2 v1-dr014$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 24497 - "none" "none" 2017-12-15 16:24:32 1 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:32 1 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:32 1 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:32 5 172.23.7.171 v10005$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:32 2 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:32 2 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:32 2 172.23.7.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:32 6 172.23.7.171 v10005$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:24:33 1 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:33 2 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:33 4 172.23.8.38 v11044$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 2 172.23.4.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?618ab8b31d5df2d7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 2 172.23.4.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?618ab8b31d5df2d7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 4 172.23.4.200 v16007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?618ab8b31d5df2d7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 220553 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 510515 47896 - "Office 365 Exchange" "none" 2017-12-15 16:24:34 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 1 172.23.8.9 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 3 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:34 2 172.23.8.9 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 4 172.23.8.9 v11011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 2 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 1 172.23.8.9 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 3 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:34 2 172.23.8.9 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 4 172.23.8.9 v11011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 2 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 4 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 3 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 2 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 4 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:34 1 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:34 2 172.23.6.224 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:34 3 172.23.6.224 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:35 170446 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Search Engines/Portals" - 200 TCP_TUNNELED CONNECT - tcp notifications.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 1688 3033 - "none" "none" 2017-12-15 16:24:35 2 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:35 2 172.23.8.38 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:35 4 172.23.8.38 v11044$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 88 172.23.9.204 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:24:36 4 172.23.9.204 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:24:36 5 172.23.9.204 p16048$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:24:36 1 172.23.9.204 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:24:36 2 172.23.9.204 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:24:36 4 172.23.9.204 p16048$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:24:36 2 172.23.9.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29595fa8ebfb7f44 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 2 172.23.9.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29595fa8ebfb7f44 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 4 172.23.9.45 v21009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?29595fa8ebfb7f44 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 1 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf65eb3431393c6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 2 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf65eb3431393c6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:36 4 172.23.8.104 v10043$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bf65eb3431393c6b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 110022 172.23.8.210 2491 BKI\VIP_Int - OBSERVED "o356;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 9765 1822 - "none" "none" 2017-12-15 16:24:37 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a6f1d64906f4e30 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a6f1d64906f4e30 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 4 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a6f1d64906f4e30 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 1 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b50eb8ccfa26e116 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 2 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b50eb8ccfa26e116 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:37 4 172.23.7.160 v05037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b50eb8ccfa26e116 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:39 99 172.23.9.124 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - - 172.16.1.188 306 67 - "none" "none" 2017-12-15 16:24:39 2 172.23.9.124 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp armmf.adobe.com 443 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)" 172.16.1.188 306 298 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 3 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 3 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 4 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 4 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 3 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 1 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:39 2 172.23.7.167 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:39 3 172.23.7.167 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:39 2 172.23.4.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1d6e389f5edb9a5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:39 2 172.23.4.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1d6e389f5edb9a5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:39 4 172.23.4.221 v17021$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?1d6e389f5edb9a5e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:40 40 172.16.54.188 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 306 69 - "none" "none" 2017-12-15 16:24:40 2 172.16.54.188 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 489 158 - "none" "none" 2017-12-15 16:24:40 4 172.16.54.188 bpmsrv02-dev$ - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:24:40 1 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e0b5efa170f187d0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:40 2 172.23.8.226 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e0b5efa170f187d0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:40 5 172.23.8.226 v05095$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e0b5efa170f187d0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:40 1799854 172.16.52.85 viadmin BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 172.16.1.188 4259 1821 - "none" "none" 2017-12-15 16:24:40 2 172.16.52.85 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 172.16.1.188 306 253 - "none" "none" 2017-12-15 16:24:40 6 172.16.52.85 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp clientservices.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 172.16.1.188 489 342 - "none" "none" 2017-12-15 16:24:40 1 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:40 1 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:40 1 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:40 3 172.23.10.79 v10-cc07$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 742 - "none" "none" 2017-12-15 16:24:40 2 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:40 2 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:40 2 172.23.10.79 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:40 5 172.23.10.79 v10-cc07$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3150 - "none" "none" 2017-12-15 16:24:41 2 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 889 - "none" "none" 2017-12-15 16:24:41 3 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:24:41 12 172.23.9.204 p16048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1566 - "none" "none" 2017-12-15 16:24:41 36 192.168.11.95 - - authentication_failed DENIED "o356;Internet Telephony;Chat (IM)/SMS;Office/Business Applications" - 407 TCP_DENIED CONNECT - tcp config.edge.skype.com 443 / - - - 172.16.1.188 306 79 - "Lync Online" "none" 2017-12-15 16:24:41 2 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2239 - "none" "none" 2017-12-15 16:24:41 3 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:24:41 17 172.23.9.204 p16048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1013 2916 - "none" "none" 2017-12-15 16:24:41 3 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2863 - "none" "none" 2017-12-15 16:24:41 2 172.23.9.204 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 462 - "none" "none" 2017-12-15 16:24:41 7 172.23.9.204 p16048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 690 3540 - "none" "none" 2017-12-15 16:24:42 2 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?673ad8844c0d6a17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:42 2 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?673ad8844c0d6a17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:42 4 172.23.0.164 v07004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?673ad8844c0d6a17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 1 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 4 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 4 172.23.0.234 v15029$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6ac9499034ae4af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 2 172.23.5.55 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6ac9499034ae4af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:43 5 172.23.5.55 v13026$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6ac9499034ae4af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:44 33396 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 4221 2130 - "YouTube" "none" 2017-12-15 16:24:44 33395 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 4221 2136 - "YouTube" "none" 2017-12-15 16:24:44 33398 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 5845 2843 - "YouTube" "none" 2017-12-15 16:24:44 261129 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r5---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 59595675 58014 - "YouTube" "none" 2017-12-15 16:24:44 1 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 228 - "none" "none" 2017-12-15 16:24:44 4 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 269 769 - "none" "none" 2017-12-15 16:24:44 3 172.18.57.135 - - authentication_failed DENIED "Suspicious" - 407 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 513 333 - "none" "none" 2017-12-15 16:24:44 5 172.18.57.135 2052 BKI\VIP_Int policy_denied DENIED "Suspicious" - 403 TCP_DENIED CONNECT - tcp epicunitscan.info 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 184 929 - "none" "none" 2017-12-15 16:24:44 1 172.23.6.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8892f12d79ee9648 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:44 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:44 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:44 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:44 2 172.23.6.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8892f12d79ee9648 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:44 4 172.23.6.147 v01013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8892f12d79ee9648 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:24:44 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:24:44 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:24:45 1 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 2 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 4 172.23.0.234 v15029$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 1 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 2 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 4 172.23.0.106 trainee10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 1 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 2 172.23.0.106 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 3 172.23.0.106 trainee10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 5 172.23.0.106 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:24:45 2 172.23.0.106 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:24:45 14 172.23.0.106 trainee10$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27943 - "none" "none" 2017-12-15 16:24:45 1 172.23.9.230 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa72a22e96d4efbf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 2 172.23.9.230 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa72a22e96d4efbf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:45 5 172.23.9.230 vt100549$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa72a22e96d4efbf cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 52 172.23.7.36 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 306 103 - "none" "none" 2017-12-15 16:24:46 6 172.23.7.36 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 489 192 - "none" "none" 2017-12-15 16:24:46 4 172.23.7.36 c1526 - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp metrics-a.wbx2.com 443 / - - - 172.16.1.188 184 752 - "none" "none" 2017-12-15 16:24:46 1 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 5 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 5 172.23.7.247 v16072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 1 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?281c0a6e4b080d71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 2 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?281c0a6e4b080d71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:46 5 172.23.0.234 v15029$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?281c0a6e4b080d71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 1 172.23.0.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?959d866e34493a5a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 2 172.23.0.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?959d866e34493a5a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 5 172.23.0.103 trainee08$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?959d866e34493a5a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 1 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 2 172.23.0.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 4 172.23.0.234 v15029$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 2 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654aea9f0dad5fef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 2 172.23.10.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654aea9f0dad5fef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:47 5 172.23.10.193 bcpmc001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?654aea9f0dad5fef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:24:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:24:48 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eda85bc86f15f26d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 2 172.23.8.69 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eda85bc86f15f26d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 5 172.23.8.69 v05152$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eda85bc86f15f26d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 1 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 1 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 4 172.23.7.247 v16072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:48 119 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:24:48 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:24:48 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:24:48 3 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:24:48 834 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:24:49 1 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151624 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:24:49 1 172.23.7.164 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151624 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:24:49 7 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151624 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:24:49 1 172.23.7.164 v11007$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151624 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:24:49 1 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:49 2 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:49 1 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:49 3 172.23.8.25 v11028$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:49 6 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:24:49 2 172.18.35.171 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:24:49 6 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 23215 - "none" "none" 2017-12-15 16:24:49 2 172.23.8.25 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:49 7 172.23.8.25 v11028$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 23904 - "none" "none" 2017-12-15 16:24:49 2 172.18.35.171 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:24:49 4 172.18.35.171 c1362 - policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:24:49 1 172.18.35.171 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:24:49 2 172.18.35.171 - - authentication_failed DENIED "o356;Education;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:24:49 5 172.18.35.171 c1362 - policy_denied DENIED "o356;Education;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ieonline.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:24:49 4 172.18.35.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1483 299 - "none" "none" 2017-12-15 16:24:49 2 172.18.35.171 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1683 388 - "none" "none" 2017-12-15 16:24:49 4 172.18.35.171 c1362 - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED GET - http go.microsoft.com 80 /fwlink/ ?LinkID=401135 - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1106 948 - "none" "none" 2017-12-15 16:24:49 2 172.23.8.109 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?831d0c1758d0aeff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:49 2 172.23.8.109 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?831d0c1758d0aeff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:49 5 172.23.8.109 v10050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?831d0c1758d0aeff cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 1 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 2 172.23.7.247 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 4 172.23.7.247 v16072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 1 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aaa4898597b3fe21 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 2 172.23.7.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aaa4898597b3fe21 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:50 4 172.23.7.70 v20117$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aaa4898597b3fe21 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:51 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:51 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a73b088914642def cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:51 2 172.23.8.195 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a73b088914642def cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:24:51 5 172.23.8.195 v05062$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a73b088914642def cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:51 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:24:51 3 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:24:52 18 172.23.9.93 vt70115$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1247 - "none" "none" 2017-12-15 16:24:53 1 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:53 1 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:24:53 2 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:24:53 4 172.23.7.154 v05031$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:24:53 2 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:53 3 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:24:53 3 172.23.7.154 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:24:53 5 172.23.7.154 v05031$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:24:54 1 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:24:54 2 172.23.7.164 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:24:54 4 172.23.7.164 v11007$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:24:54 38 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:24:54 4 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:24:55 137391 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp nexus.officeapps.live.com 443 / - - - 172.16.1.188 7952 16451 - "Office Online" "none" 2017-12-15 16:24:55 82166 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Office/Business Applications" - 200 TCP_TUNNELED CONNECT - tcp nexusrules.officeapps.live.com 443 / - - - 172.16.1.188 51503 1812 - "Office Online" "none" 2017-12-15 16:24:55 1 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:55 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:55 4 172.23.8.187 v05052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:55 1 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:24:55 2 172.23.8.187 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:24:55 4 172.23.8.187 v05052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cbd26fa2f6bc9faa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cbd26fa2f6bc9faa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 5 172.23.8.112 v10052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cbd26fa2f6bc9faa cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 1 172.23.9.17 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3541798df210831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 2 172.23.9.17 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3541798df210831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:56 9 172.23.9.17 v03005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d3541798df210831 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:24:57 1 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0d78b1e2bf56e0af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:24:57 2 172.23.9.63 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0d78b1e2bf56e0af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:24:57 4 172.23.9.63 vt100519$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0d78b1e2bf56e0af cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:24:58 3454 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1566 3077 - "Facebook" "none" 2017-12-15 16:24:58 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:24:58 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:24:58 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 754 - "none" "none" 2017-12-15 16:24:58 1 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:58 2 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:58 3 172.23.7.212 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:58 1 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:58 2 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:58 4 172.23.7.212 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:58 2 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:24:58 1 172.23.7.212 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:24:58 3 172.23.7.212 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:24:59 2 172.19.2.51 - - authentication_failed DENIED "Shopping;Software Downloads" - 407 TCP_DENIED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 212 - "none" "none" 2017-12-15 16:24:59 2 172.19.2.51 - - authentication_failed DENIED "Shopping;Software Downloads" - 407 TCP_DENIED CONNECT - tcp play.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 301 - "none" "none" 2017-12-15 16:24:59 2 172.24.0.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 305 87 - "none" "none" 2017-12-15 16:24:59 2 172.24.0.103 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 488 176 - "none" "none" 2017-12-15 16:24:59 148 172.24.0.103 theerapong.ocs - - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 6144 3350 - "none" "none" 2017-12-15 16:25:00 2 172.23.8.53 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?638242791c3419b3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.8.53 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?638242791c3419b3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 5 172.23.8.53 v01016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?638242791c3419b3 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.10.135 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED POST - http tools.google.com 80 /service/update2 ?w=6:RVcCQMhoNzbrjDVaBq0OqTdvonE_x5zTFKdDtTA-lTRfSaCkWTDXWgaGbB-zk3Sdf73wapyrTlK35OFO9TO6WQESdX6Xlk7R4irqzCUoLhB32MWqzLLQE5WMZg6-vTWGL-8jat30oJU_1Qh6dupkzF2Nl00DRHSgaownn_ZKG-5RE7X_qmRzNl0uu0sLKCN2b_qMG0qI-vTwn2NActeWhR8x6bYimYKTu_xxbCTvt72jPPDDfKeCjg4UBIhpzMxTV8ZRh6U2ue1vLCNG9lQWtgenaxcukxIy0vGToIGm5FTISyGDlo22jQ-nfIwRJgNSttm2ZFdMc5bNRNsfcYFTIA - "Google Update/1.3.21.115;winhttp;cup" 172.16.1.188 1824 1613 - "none" "none" 2017-12-15 16:25:00 2 172.23.8.246 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c868c72a8bf927f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.8.246 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c868c72a8bf927f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 4 172.23.8.246 v05104$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?6c868c72a8bf927f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 3 172.23.10.135 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED POST - http tools.google.com 80 /service/update2 ?w=6:RVcCQMhoNzbrjDVaBq0OqTdvonE_x5zTFKdDtTA-lTRfSaCkWTDXWgaGbB-zk3Sdf73wapyrTlK35OFO9TO6WQESdX6Xlk7R4irqzCUoLhB32MWqzLLQE5WMZg6-vTWGL-8jat30oJU_1Qh6dupkzF2Nl00DRHSgaownn_ZKG-5RE7X_qmRzNl0uu0sLKCN2b_qMG0qI-vTwn2NActeWhR8x6bYimYKTu_xxbCTvt72jPPDDfKeCjg4UBIhpzMxTV8ZRh6U2ue1vLCNG9lQWtgenaxcukxIy0vGToIGm5FTISyGDlo22jQ-nfIwRJgNSttm2ZFdMc5bNRNsfcYFTIA - "Google Update/1.3.21.115;winhttp;cup" 172.16.1.188 2024 798 - "none" "none" 2017-12-15 16:25:00 6 172.23.10.135 v11045$ - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED POST - http tools.google.com 80 /service/update2 ?w=6:RVcCQMhoNzbrjDVaBq0OqTdvonE_x5zTFKdDtTA-lTRfSaCkWTDXWgaGbB-zk3Sdf73wapyrTlK35OFO9TO6WQESdX6Xlk7R4irqzCUoLhB32MWqzLLQE5WMZg6-vTWGL-8jat30oJU_1Qh6dupkzF2Nl00DRHSgaownn_ZKG-5RE7X_qmRzNl0uu0sLKCN2b_qMG0qI-vTwn2NActeWhR8x6bYimYKTu_xxbCTvt72jPPDDfKeCjg4UBIhpzMxTV8ZRh6U2ue1vLCNG9lQWtgenaxcukxIy0vGToIGm5FTISyGDlo22jQ-nfIwRJgNSttm2ZFdMc5bNRNsfcYFTIA - "Google Update/1.3.21.115;winhttp;cup" 172.16.1.188 1448 2302 - "none" "none" 2017-12-15 16:25:00 1 172.23.9.95 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0966ba6fbd2b3b26 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.9.95 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0966ba6fbd2b3b26 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 5 172.23.9.95 vt70111$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0966ba6fbd2b3b26 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a5e9f4a220846202 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a5e9f4a220846202 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 4 172.23.0.138 lcstest02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a5e9f4a220846202 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 1 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5968951ac6f0eecb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5968951ac6f0eecb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:00 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5968951ac6f0eecb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 1 172.20.0.161 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 305 87 - "none" "none" 2017-12-15 16:25:01 2 172.20.0.161 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 488 176 - "none" "none" 2017-12-15 16:25:01 42 172.19.2.51 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp notifications.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 306 230 - "none" "none" 2017-12-15 16:25:01 2 172.19.2.51 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED CONNECT - tcp notifications.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 172.16.1.188 489 319 - "none" "none" 2017-12-15 16:25:01 1 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 158 172.20.0.161 3849 BKI\Dept_Motor%20Claim%20Department%20Group - PROXIED "Financial Services" - 200 TCP_TUNNELED CONNECT - tcp mail.bangkokinsurance.com 443 / - - - 172.16.1.188 6148 3274 - "none" "none" 2017-12-15 16:25:01 1 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 5 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 1 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:25:01 4 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:25:01 1 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 1 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.9.14 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 64 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:25:01 1 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 7 172.23.8.104 v10043$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 1 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 2 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:01 4 172.23.8.104 v10043$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4136ef2c7bf6c0a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4136ef2c7bf6c0a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 1 172.23.8.203 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57e7bcd6babc92d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 4 172.23.0.140 lcstest10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?4136ef2c7bf6c0a7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 936 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 1 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5e25b1e2b7b8c7d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.8.203 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57e7bcd6babc92d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 5 172.23.8.203 v05071$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?57e7bcd6babc92d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.0.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5e25b1e2b7b8c7d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 4 172.23.0.140 lcstest10$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5e25b1e2b7b8c7d1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:25:02 39 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1489 1472 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:25:02 11 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1010 2682 - "none" "none" 2017-12-15 16:25:02 1 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:02 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:02 1 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:02 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:02 1 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:02 1 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:02 2 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:02 5 172.23.10.134 v11049$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:25:02 2 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:02 8 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:02 2 172.23.10.134 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:02 5 172.23.10.134 v11049$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:25:02 1 172.23.9.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bfedc6683458d3fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.9.231 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bfedc6683458d3fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 4 172.23.9.231 vt100548$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?bfedc6683458d3fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 1 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 2 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 5 172.23.9.64 vt100516$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 1 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 1 172.23.9.64 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 4 172.23.9.64 vt100516$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:02 4 172.23.9.64 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:25:02 2 172.23.9.64 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:02 10 172.23.9.64 vt100516$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27976 - "none" "none" 2017-12-15 16:25:03 47 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 103595 - "none" "none" 2017-12-15 16:25:03 16 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1077 103188 - "none" "none" 2017-12-15 16:25:03 2 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3431c5dcda082a05 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 2 172.23.7.221 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3431c5dcda082a05 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 4 172.23.7.221 v10011$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?3431c5dcda082a05 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 1 172.23.9.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d953022f1bef88ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 3 172.23.9.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d953022f1bef88ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 4 172.23.9.34 v05141$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d953022f1bef88ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?733f735e04f022df cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 2 172.23.0.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?733f735e04f022df cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:03 4 172.23.0.154 lcstest19$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?733f735e04f022df cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a355f799b13f20e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 2 172.23.7.65 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a355f799b13f20e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 4 172.23.7.65 v20114$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a355f799b13f20e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 1 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?98c615d4cf596bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 2 172.23.0.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?98c615d4cf596bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:05 5 172.23.0.147 lcstest13$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?98c615d4cf596bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 1 172.23.7.156 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26dc6b9f01d03c1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 2 172.23.7.156 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26dc6b9f01d03c1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 4 172.23.7.156 v05035$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26dc6b9f01d03c1 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 2 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 889 - "none" "none" 2017-12-15 16:25:06 3 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:25:06 20 172.23.9.239 p07048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1504 1566 - "none" "none" 2017-12-15 16:25:06 1 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2239 - "none" "none" 2017-12-15 16:25:06 2 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 488 - "none" "none" 2017-12-15 16:25:06 20 172.23.9.239 p07048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1011 2916 - "none" "none" 2017-12-15 16:25:06 2 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1202 2863 - "none" "none" 2017-12-15 16:25:06 2 172.23.9.239 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 1402 462 - "none" "none" 2017-12-15 16:25:06 27 172.23.9.239 p07048$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent" 172.16.1.188 690 3540 - "none" "none" 2017-12-15 16:25:06 1 172.23.9.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?201fef3529d31f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 2 172.23.9.45 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?201fef3529d31f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 17 172.23.9.45 v21009$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?201fef3529d31f54 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 1 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?288c53e75d2d0c98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 2 172.23.8.104 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?288c53e75d2d0c98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 4 172.23.8.104 v10043$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?288c53e75d2d0c98 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:06 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:06 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:06 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:06 5 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 734 - "none" "none" 2017-12-15 16:25:06 1 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:25:06 2 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:25:06 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:25:07 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:07 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:07 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:07 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:25:07 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:25:07 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:07 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:07 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:07 5 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:07 1 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:25:07 2 192.168.11.95 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:25:07 1 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 4 172.23.8.136 v10-mc15$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 1 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 4 172.23.8.136 v10-mc15$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 4 172.23.8.136 v10-mc15$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 1 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.136 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 4 172.23.8.136 v10-mc15$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 750 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.245 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?59ed4921dbbf3f6c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 2 172.23.8.245 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?59ed4921dbbf3f6c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 4 172.23.8.245 v05103$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?59ed4921dbbf3f6c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:07 6 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:25:07 1 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:25:07 3 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:25:07 814 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:25:08 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1202 790 - "none" "none" 2017-12-15 16:25:08 2 172.20.2.39 - - authentication_failed PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 407 TCP_DENIED POST - http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1402 835 - "none" "none" 2017-12-15 16:25:08 31 172.20.2.39 webex BKI\VIP_Int - PROXIED "Financial Services" http://bkiintra.bki.co.th/surveyorapp/googleMap/mainGMap.aspx?place=13.724731,100.540819%7C%E0%B8%81%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%9E%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2 200 TCP_NC_MISS POST text/plain;%20charset=utf-8 http bkiintra.bki.co.th 80 /surveyorapp/googleMap/InterfaceCallCenter.aspx - aspx "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 2200 1439 - "none" "none" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 4 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:25:08 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 4 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef252124d70c0c5d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 3 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef252124d70c0c5d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 6 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef252124d70c0c5d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 1 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:25:08 2 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:25:08 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:08 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:08 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:08 1583 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Technology/Internet;Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 4703 4841 - "none" "none" 2017-12-15 16:25:08 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 734 - "none" "none" 2017-12-15 16:25:08 42 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1476 1472 - "none" "none" 2017-12-15 16:25:08 2 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:08 2 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e81f2e87b935754d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:08 2 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:09 2 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:25:09 16 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1011 2682 - "none" "none" 2017-12-15 16:25:09 1 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:09 2 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:09 5 172.23.1.244 v17072$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:09 2 172.23.0.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e81f2e87b935754d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 1 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:09 5 172.23.0.107 trainee11$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e81f2e87b935754d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 2 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:09 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:09 1 172.23.8.111 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 1 172.23.8.111 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 6 172.23.8.111 v10051$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 1 172.23.8.111 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 2 172.23.8.111 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 3 172.23.8.111 v10051$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 4 172.23.8.111 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 23797 - "none" "none" 2017-12-15 16:25:09 2 172.23.8.111 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:09 8 172.23.8.111 v10051$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 24486 - "none" "none" 2017-12-15 16:25:09 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:25:09 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:25:09 1 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eb3365f20bd5c2ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 106 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1071 103196 - "none" "none" 2017-12-15 16:25:09 18 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1085 95396 - "none" "none" 2017-12-15 16:25:09 2 172.23.0.78 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eb3365f20bd5c2ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:09 4 172.23.0.78 v20134$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?eb3365f20bd5c2ef cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 2 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cb31696446d1403a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 2 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cb31696446d1403a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 5 172.23.8.134 v10-mc09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cb31696446d1403a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 932 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 1 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62381bb44db2a718 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 2 172.23.8.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62381bb44db2a718 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 5 172.23.8.134 v10-mc09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?62381bb44db2a718 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:10 6 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:25:10 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:25:10 4 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:25:10 732 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:25:10 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 306 148 - "none" "none" 2017-12-15 16:25:10 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 239 - "none" "none" 2017-12-15 16:25:10 7 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 489 237 - "none" "none" 2017-12-15 16:25:10 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 328 - "none" "none" 2017-12-15 16:25:10 4 172.23.8.182 0311 BKI\All%20Users policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - - 172.16.1.188 184 793 - "none" "none" 2017-12-15 16:25:10 6 172.23.8.182 0311 BKI\All%20Users policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp r20swj13mr.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 884 - "none" "none" 2017-12-15 16:25:10 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:11 1 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:11 2 172.23.9.93 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:11 4 172.23.9.93 vt70115$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 734 - "none" "none" 2017-12-15 16:25:11 2 172.23.5.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7625afafa729e1a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 1 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 1 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 1 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2ba00b324b74bf1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 2 172.23.9.218 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2ba00b324b74bf1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 4 172.23.9.218 p18006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2ba00b324b74bf1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 3 172.23.5.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7625afafa729e1a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:11 4 172.23.5.117 v12012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?a7625afafa729e1a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:12 1 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11064118cbd8b17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:12 2 172.23.9.117 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11064118cbd8b17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:12 5 172.23.9.117 v20123$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d11064118cbd8b17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:13 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:13 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:13 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:13 1 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?f6a5db0bed686a7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?f6a5db0bed686a7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 4 172.23.8.243 v05148$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?f6a5db0bed686a7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 1 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?07664436f66ad3b2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 2 172.23.8.243 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?07664436f66ad3b2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 5 172.23.8.243 v05148$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?07664436f66ad3b2 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:13 1 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:25:13 2 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:25:13 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:25:14 1 172.23.5.214 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44a87f89df5568a0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 2 172.23.5.214 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44a87f89df5568a0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 5 172.23.5.214 v05007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?44a87f89df5568a0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 1 172.23.10.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4c7f10ed3fcf310 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 2 172.23.10.34 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4c7f10ed3fcf310 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 4 172.23.10.34 lg015$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c4c7f10ed3fcf310 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 922 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 1 172.23.6.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae24b53143c40bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 2 172.23.6.147 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae24b53143c40bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:14 4 172.23.6.147 v01013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ae24b53143c40bc4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 2 172.23.8.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fd89f7c31478bce7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 2 172.23.8.182 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fd89f7c31478bce7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 5 172.23.8.182 v05047$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?fd89f7c31478bce7 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b3b03d4ab258fd45 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 2 172.23.8.107 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b3b03d4ab258fd45 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:15 5 172.23.8.107 v10046$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b3b03d4ab258fd45 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:17 1 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b00db5a58630cf4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:17 2 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b00db5a58630cf4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:17 6 172.23.8.212 v05082$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?7b00db5a58630cf4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 2 172.16.4.237 - - authentication_failed DENIED "Business/Economy" - 407 TCP_DENIED CONNECT - tcp bki.driveprofiler.net 443 / - - - 172.16.1.188 489 164 - "none" "none" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 3 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 3 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 3 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 4 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:19 2 172.23.8.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff168e0cf0224067 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 2 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7d14e71c48e0532 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 3 172.23.8.234 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff168e0cf0224067 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 3 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:19 4 172.23.8.234 v20013$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ff168e0cf0224067 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 2 172.23.9.146 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7d14e71c48e0532 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 1 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:19 4 172.23.9.146 v10056$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b7d14e71c48e0532 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:19 2 172.23.10.138 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:19 3 172.23.10.138 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:20 1 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 1 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 4 172.23.8.80 v10016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 1 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 2 172.23.8.80 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 4 172.23.8.80 v10016$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 1 172.23.8.109 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96695b3d21a2a82a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 5 172.23.8.80 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27275 - "none" "none" 2017-12-15 16:25:20 2 172.23.8.109 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96695b3d21a2a82a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 4 172.23.8.109 v10050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?96695b3d21a2a82a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:20 2 172.23.8.80 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:20 9 172.23.8.80 v10016$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27964 - "none" "none" 2017-12-15 16:25:21 1 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:21 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:21 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:25:21 1 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:21 2 172.23.9.98 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:21 4 172.23.9.98 vt70118$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:25:22 115 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:25:22 24 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:25:22 115 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:25:22 25 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 254 - "YouTube" "none" 2017-12-15 16:25:22 2 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:25:22 3 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:25:22 4 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:25:22 4 172.20.0.221 - - authentication_failed DENIED "Audio/Video Clips" - 407 TCP_DENIED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 343 - "YouTube" "none" 2017-12-15 16:25:22 3 172.23.9.35 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e20c1874759b12fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:22 2 172.23.9.35 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e20c1874759b12fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:22 5 172.23.9.35 v05143$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e20c1874759b12fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:22 7 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 306 81 - "none" "none" 2017-12-15 16:25:22 2 172.19.2.51 - - authentication_failed DENIED "Whitelist;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 489 170 - "none" "none" 2017-12-15 16:25:23 6 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cf00a1d8bba06c53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1549 231 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 2 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cf00a1d8bba06c53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1749 356 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 5 172.23.9.119 v20126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/authrootstl.cab ?cf00a1d8bba06c53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1172 920 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 1 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?21fea43776ce8923 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 2 172.23.9.119 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?21fea43776ce8923 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 4 172.23.9.119 v20126$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?21fea43776ce8923 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:23 1424 172.19.2.51 3173 BKI\Internet%20Group - OBSERVED "Whitelist;Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp ans.oobesaas.adobe.com 443 / - - - 172.16.1.188 3860 2780 - "none" "none" 2017-12-15 16:25:24 2 172.23.10.183 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?133db966735183c9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:24 2 172.23.10.183 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?133db966735183c9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:24 5 172.23.10.183 bcpbv003$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?133db966735183c9 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:24 155991 172.23.6.155 secretary_fi_svp BKI\VIP_Int - OBSERVED "Web Ads/Analytics" - 200 TCP_TUNNELED CONNECT - tcp googleads.g.doubleclick.net 443 / - - "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 1444 1873 - "none" "none" 2017-12-15 16:25:24 187663 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Online Meetings" - 200 TCP_TUNNELED CONNECT - tcp mediaedge0f.online.lync.com 443 / - - - 172.16.1.188 283574 665232 - "Lync Online" "none" 2017-12-15 16:25:24 8 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:24 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:24 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:25 2892 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 1454611 6296 - "YouTube" "none" 2017-12-15 16:25:25 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:25:25 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:25 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:25 10 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:25 1 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:25 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:25 4 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa8f4d79a29f850d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 2 172.23.8.112 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa8f4d79a29f850d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 4 172.23.8.112 v10052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?aa8f4d79a29f850d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 1 172.23.9.17 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a2be2974b623fe0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 3 172.23.9.17 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a2be2974b623fe0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 4 172.23.9.17 v03005$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?5a2be2974b623fe0 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 1 172.23.8.250 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?546f2f69aee1f219 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 2 172.23.8.250 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?546f2f69aee1f219 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 5 172.23.8.250 v05108$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?546f2f69aee1f219 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:26 9 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/HealthAndFitness/Home.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1512 167 - "none" "none" 2017-12-15 16:25:26 6 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/News/Today.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1501 156 - "none" "none" 2017-12-15 16:25:26 2 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/HealthAndFitness/Home.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1712 286 - "none" "none" 2017-12-15 16:25:26 8 172.30.19.199 4074 BKI\Dept_Motor%20Claim%20Department%20Group policy_denied DENIED "Search Engines/Portals" - 403 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/HealthAndFitness/Home.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1135 854 - "none" "none" 2017-12-15 16:25:26 3 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/News/Today.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1701 275 - "none" "none" 2017-12-15 16:25:26 9 172.30.19.199 4074 BKI\Dept_Motor%20Claim%20Department%20Group policy_denied DENIED "Search Engines/Portals" - 403 TCP_DENIED GET - http en-us.appex-rf.msn.com 80 /cgtile/v1/en-US/News/Today.xml - xml "Microsoft-WNS/6.3" 172.16.1.188 1124 843 - "none" "none" 2017-12-15 16:25:26 64 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http foodanddrink.services.appex.bing.com 80 /api/feed/ ?view-name=data&name=livetile&market=en-US&version=2_0&format=xml - "Microsoft-WNS/6.3" 172.16.1.188 1559 228 - "none" "none" 2017-12-15 16:25:26 3 172.30.19.199 - - authentication_failed DENIED "Search Engines/Portals" - 407 TCP_DENIED GET - http foodanddrink.services.appex.bing.com 80 /api/feed/ ?view-name=data&name=livetile&market=en-US&version=2_0&format=xml - "Microsoft-WNS/6.3" 172.16.1.188 1759 347 - "none" "none" 2017-12-15 16:25:26 8 172.30.19.199 4074 BKI\Dept_Motor%20Claim%20Department%20Group policy_denied DENIED "Search Engines/Portals" - 403 TCP_DENIED GET - http foodanddrink.services.appex.bing.com 80 /api/feed/ ?view-name=data&name=livetile&market=en-US&version=2_0&format=xml - "Microsoft-WNS/6.3" 172.16.1.188 1182 915 - "none" "none" 2017-12-15 16:25:26 1 172.23.10.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d158d72b7ba700d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 3 172.23.10.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d158d72b7ba700d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 4 172.23.10.140 v11052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d158d72b7ba700d cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 1 172.23.6.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 2 172.23.6.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 4 172.23.6.122 v15037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 1 172.23.6.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 1 172.23.6.122 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:27 4 172.23.6.122 v15037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 13 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 4 172.23.0.138 lcstest02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d29cf6394e7c7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 2 172.23.1.244 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d29cf6394e7c7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c2d29cf6394e7c7b cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 1 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ba80384c843f1657 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 2 172.23.0.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ba80384c843f1657 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:28 5 172.23.0.135 lcstest04$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ba80384c843f1657 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:29 1 172.23.8.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8de34e1112df643f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:29 3 172.23.8.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8de34e1112df643f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:29 4 172.23.8.202 v05070$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?8de34e1112df643f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:29 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:29 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:29 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:29 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:29 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:29 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:29 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:29 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:29 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:29 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:29 3 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:30 1 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?92650d46c70ec869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 172.23.10.196 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?92650d46c70ec869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 4 172.23.10.196 bcppb001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?92650d46c70ec869 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:30 1 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 4 172.23.0.138 lcstest02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:30 1 172.23.10.174 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15af34dca426206c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:30 2 172.23.10.174 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15af34dca426206c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 7 172.23.10.174 bcpfb001$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?15af34dca426206c cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 172.23.9.95 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?802338e76f2b1c17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 172.23.9.95 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?802338e76f2b1c17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 4 172.23.9.95 vt70111$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?802338e76f2b1c17 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 1 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?50ff57cd74ee14fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 2 172.23.0.141 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?50ff57cd74ee14fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:30 4 172.23.0.141 lcstest09$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?50ff57cd74ee14fc cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:31 3 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e6a0aee6d26dc244 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:31 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e6a0aee6d26dc244 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:31 4 172.23.0.138 lcstest02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?e6a0aee6d26dc244 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 942 - "Microsoft Update" "Update Software" 2017-12-15 16:25:31 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:31 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:31 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:32 1 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:32 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 2 172.23.0.138 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 4 172.23.0.138 lcstest02$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 754 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 1 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 2 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 5 172.23.1.241 v21017$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 1 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 2 172.23.1.241 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 4 172.23.1.241 v21017$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:32 5 172.23.1.241 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:25:32 2 172.23.1.241 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:32 17 172.23.1.241 v21017$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:25:33 1 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:33 5 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:33 92 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:33 3 172.23.9.14 v05128$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:25:34 2 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77899ab8f173a67e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:34 2 172.23.8.154 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77899ab8f173a67e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:34 4 172.23.8.154 v10-mc26$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?77899ab8f173a67e cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 2 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 306 233 - "Google Talk" "none" 2017-12-15 16:25:35 3 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 489 322 - "Google Talk" "none" 2017-12-15 16:25:35 5 172.23.8.72 4173 BKI\Internet%20Group policy_denied DENIED "Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 184 874 - "Google Talk" "none" 2017-12-15 16:25:35 1 172.23.6.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f15e5b3046a94cbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 2 172.23.6.5 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f15e5b3046a94cbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 4 172.23.6.5 v14049$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?f15e5b3046a94cbe cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:35 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:35 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:35 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:35 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:35 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:35 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:35 1 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:35 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:35 4 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?477d0d7355401788 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.5.103 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?477d0d7355401788 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 6 172.23.5.103 v17042$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?477d0d7355401788 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 1 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 4 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 5 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 5 172.23.7.131 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:25:36 2 172.23.7.131 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:36 8 172.23.7.131 v10004$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:25:36 1 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 2 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 5 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 1 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 1 172.23.7.131 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:36 4 172.23.7.131 v10004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 1 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef5a6db541d2da66 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.8.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef5a6db541d2da66 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 4 172.23.8.175 v08014$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ef5a6db541d2da66 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 1 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b6d5279e981cf03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.9.70 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b6d5279e981cf03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 5 172.23.9.70 vt100525$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0b6d5279e981cf03 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?86aa275dffdbd8d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.7.148 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?86aa275dffdbd8d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 4 172.23.7.148 v10010$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?86aa275dffdbd8d6 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 1 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:37 1 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:37 2 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:37 4 172.23.9.161 lg006$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 726 - "none" "none" 2017-12-15 16:25:37 3 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 4041 - "none" "none" 2017-12-15 16:25:37 3 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 4041 - "none" "none" 2017-12-15 16:25:37 2 172.23.9.161 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:37 6 172.23.9.161 lg006$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 4726 - "none" "none" 2017-12-15 16:25:37 2 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513355137 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1506 480 - "none" "none" 2017-12-15 16:25:37 2 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513355137 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1506 480 - "none" "none" 2017-12-15 16:25:37 2 172.16.53.21 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED GET - http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513355137 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 1706 569 - "none" "none" 2017-12-15 16:25:37 1 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.7.219 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 4 172.23.7.219 v05040$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 1 172.23.8.245 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a7b7a73d9fad8a4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 2 172.23.8.245 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a7b7a73d9fad8a4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 4 172.23.8.245 v05103$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0a7b7a73d9fad8a4 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:37 412 172.16.53.21 monitor BKI\Internet%20Group - OBSERVED "Technology/Internet" - 200 TCP_NC_MISS GET text/plain;%20charset=UTF-8 http sync.bigfix.com 80 /cgi-bin/bfgather/webui-common ?Time=1513355137 - "Mozilla/4.0 (compatible; MSIE 8.0; Win32; BigFix BESGather 9.2.5.130)" 172.16.1.188 294 1149 - "none" "none" 2017-12-15 16:25:38 6 172.16.2.73 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 2 172.16.2.73 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 3 172.16.2.73 vcvdi01s$ - policy_denied DENIED "Technology/Internet" - 403 TCP_DENIED CONNECT - tcp ent-shasta-rrs.symantec.com 443 / - - - 172.16.1.188 184 756 - "none" "none" 2017-12-15 16:25:38 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:25:38 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 489 268 - "none" "none" 2017-12-15 16:25:38 5 172.23.8.182 0311 BKI\All%20Users policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 184 824 - "none" "none" 2017-12-15 16:25:38 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:25:38 2 172.23.8.182 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 489 324 - "none" "none" 2017-12-15 16:25:38 5 172.23.8.182 0311 BKI\All%20Users policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 184 880 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 4 172.23.9.230 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 2 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 3 172.23.9.230 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 3 172.23.9.230 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 2 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 3 172.23.9.230 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:38 1 172.23.9.230 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:38 3 172.23.9.230 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 288 - "none" "none" 2017-12-15 16:25:38 1 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?06587833d1ce6cdd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:38 2 172.23.7.160 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?06587833d1ce6cdd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:38 5 172.23.7.160 v05037$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?06587833d1ce6cdd cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 2 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ea9f7dc96214c949 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 2 172.23.7.57 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ea9f7dc96214c949 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 5 172.23.7.57 v20106$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ea9f7dc96214c949 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 1 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b493d860cc80c554 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 1 172.23.6.193 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b493d860cc80c554 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 4 172.23.6.193 v20012$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b493d860cc80c554 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 2 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:25:39 1 172.23.9.14 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:25:39 4 172.23.9.14 v05128$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:25:39 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:25:39 1 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28631808e60a171f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:39 3 172.23.9.135 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28631808e60a171f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 6 172.23.9.135 testpool5$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?28631808e60a171f cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 930 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 1 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 6 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 1 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 2 172.23.0.79 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 4 172.23.0.79 v20132$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:40 1 172.16.3.72 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED CONNECT - tcp excmbx03.bki.co.th 444 / - - - 172.16.1.188 305 73 - "none" "none" 2017-12-15 16:25:41 3 172.23.6.15 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp mtalk.google.com 5228 / - - - 172.16.1.188 306 101 - "Google Talk" "none" 2017-12-15 16:25:41 1 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?727423fcf45e0dcb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:41 3 172.23.7.32 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?727423fcf45e0dcb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:41 5 172.23.7.32 v20096$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?727423fcf45e0dcb cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:41 41 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1098 1248 - "none" "none" 2017-12-15 16:25:42 2 172.23.8.141 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:25:42 1 172.23.8.141 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; rv:11.0) like Gecko" 172.16.1.188 306 235 - "none" "none" 2017-12-15 16:25:42 1 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151625 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 269 - "none" "none" 2017-12-15 16:25:42 2 172.23.1.244 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151625 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 394 - "none" "none" 2017-12-15 16:25:42 3 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS HEAD text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151625 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 214 958 - "none" "none" 2017-12-15 16:25:42 2 172.23.1.244 v17072$ - - PROXIED "Financial Services" - 404 TCP_NC_MISS GET text/html http sccmwsussrv01.bki.co.th 8530 /Content/87/94ABE7D9A36E38E87EEB49D81699059DF1879A87.txt ?1712151625 txt "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1459 304 - "none" "none" 2017-12-15 16:25:42 4 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?532db2c29fac5b4a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:42 2 172.23.0.164 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?532db2c29fac5b4a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:42 4 172.23.0.164 v07004$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?532db2c29fac5b4a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:42 1 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d46f6d521ec7591 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:42 2 172.23.7.200 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d46f6d521ec7591 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:42 4 172.23.7.200 v16033$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?2d46f6d521ec7591 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:43 1 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 306 233 - "Google Talk" "none" 2017-12-15 16:25:43 3 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 489 322 - "Google Talk" "none" 2017-12-15 16:25:43 5 172.23.8.72 4173 BKI\Internet%20Group policy_denied DENIED "Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 184 874 - "Google Talk" "none" 2017-12-15 16:25:43 784281 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r3---sn-w5nuxa-c33er.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 28548940 28328 - "YouTube" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:43 3 172.23.9.104 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 284 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:43 2 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:43 3 172.23.9.104 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 284 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:43 6 172.23.9.104 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 284 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:43 2 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:43 4 172.23.9.104 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 284 - "none" "none" 2017-12-15 16:25:43 1 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:43 2 172.23.9.104 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:43 3 172.23.9.104 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 284 - "none" "none" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:44 1 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:44 6 172.23.7.239 v16064$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2448 - "none" "none" 2017-12-15 16:25:44 3 172.23.7.239 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:44 5 172.23.7.239 v16064$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3137 - "none" "none" 2017-12-15 16:25:44 1 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 2 172.23.5.214 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c1c2efe7dce72b14 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 1 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 2 172.23.5.214 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c1c2efe7dce72b14 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 5 172.23.5.214 v05007$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c1c2efe7dce72b14 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 6 172.23.7.239 v16064$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 3 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 2 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 3 172.23.7.239 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 5 172.23.7.239 v16064$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 1 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b013aa6aaa6d1a0a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 2 172.23.4.134 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b013aa6aaa6d1a0a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:44 4 172.23.4.134 v20074$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b013aa6aaa6d1a0a cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:45 1 172.23.9.230 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffe669e75f29c854 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:45 2 172.23.9.230 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffe669e75f29c854 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:46 5 172.23.9.230 vt100549$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ffe669e75f29c854 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:46 1 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 306 233 - "Google Talk" "none" 2017-12-15 16:25:46 2 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 489 322 - "Google Talk" "none" 2017-12-15 16:25:46 5 172.23.8.72 4173 BKI\Internet%20Group policy_denied DENIED "Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 184 874 - "Google Talk" "none" 2017-12-15 16:25:46 1 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:25:46 5 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:25:47 1 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0f58f72a7b08b60f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:47 2 172.23.8.212 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0f58f72a7b08b60f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:47 4 172.23.8.212 v05082$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?0f58f72a7b08b60f cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:47 1 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:47 1 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:47 1 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:47 4 172.23.5.108 v12003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:25:47 2 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:47 2 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:47 2 172.23.5.108 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:47 5 172.23.5.108 v12003$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:25:47 1 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 97 - "none" "none" 2017-12-15 16:25:47 2 172.23.1.244 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 186 - "none" "none" 2017-12-15 16:25:47 4 172.23.1.244 v17072$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp watson.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 750 - "none" "none" 2017-12-15 16:25:47 8 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:47 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:48 1501 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1559 2912 - "Facebook" "none" 2017-12-15 16:25:48 2 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 306 233 - "Google Talk" "none" 2017-12-15 16:25:48 2 172.23.8.72 - - authentication_failed DENIED "Chat (IM)/SMS" - 407 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 489 322 - "Google Talk" "none" 2017-12-15 16:25:48 5 172.23.8.72 4173 BKI\Internet%20Group policy_denied DENIED "Chat (IM)/SMS" - 403 TCP_DENIED CONNECT - tcp hangouts.google.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 172.16.1.188 184 874 - "Google Talk" "none" 2017-12-15 16:25:48 1 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 185 - "none" "none" 2017-12-15 16:25:48 2 172.16.22.21 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 274 - "none" "none" 2017-12-15 16:25:48 96792 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-30a7yne7.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 7546284 11041 - "YouTube" "none" 2017-12-15 16:25:48 96923 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r2---sn-w5nuxa-c33ll.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 2654047 11671 - "YouTube" "none" 2017-12-15 16:25:48 6 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1472 155 - "none" "none" 2017-12-15 16:25:48 2 172.16.22.21 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1672 280 - "none" "none" 2017-12-15 16:25:48 5 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Non-Viewable/Infrastructure" - 200 TCP_HIT GET text/plain http gp.symcb.com 80 /gp.crt - crt "Microsoft-CryptoAPI/5.131.3790.3959" 172.16.1.188 1391 440 - "none" "none" 2017-12-15 16:25:48 639 172.16.22.21 webex BKI\VIP_Int - OBSERVED "Online Meetings;Remote Access Tools" - 200 TCP_TUNNELED CONNECT - tcp download.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 2945 822 - "none" "none" 2017-12-15 16:25:49 1 172.30.37.152 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d15d24f57e6818d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:49 3 172.30.37.152 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d15d24f57e6818d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:49 9 172.30.37.152 a55003-aya$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d15d24f57e6818d1 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:49 7 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http s.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ%2FYHKj6JjF6UBieQioTYpFsuEriQQUtnf6aUhHn1MS1cLqBzJ2B9GXBxkCECqVMhjhC0t7b9FLKp7DDSY%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1581 251 - "none" "none" 2017-12-15 16:25:49 2 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http s.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ%2FYHKj6JjF6UBieQioTYpFsuEriQQUtnf6aUhHn1MS1cLqBzJ2B9GXBxkCECqVMhjhC0t7b9FLKp7DDSY%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1781 376 - "none" "none" 2017-12-15 16:25:49 7 172.30.37.152 a55003-aya$ - policy_denied DENIED "Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http s.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ%2FYHKj6JjF6UBieQioTYpFsuEriQQUtnf6aUhHn1MS1cLqBzJ2B9GXBxkCECqVMhjhC0t7b9FLKp7DDSY%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1205 952 - "none" "none" 2017-12-15 16:25:49 2 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http s.symcb.com 80 /universal-root.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1483 153 - "none" "none" 2017-12-15 16:25:49 3 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http s.symcb.com 80 /universal-root.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1683 278 - "none" "none" 2017-12-15 16:25:49 8 172.30.37.152 a55003-aya$ - policy_denied DENIED "Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http s.symcb.com 80 /universal-root.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1106 854 - "none" "none" 2017-12-15 16:25:49 4 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http rh.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSC0zVd6pjOUVWlktvNnaI0Pah3iQQUq4sRSQsqAmJ1SpvFAiCghNJL%2BN4CEH0aoA02oatPgEwVOASHYeA%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1582 253 - "none" "none" 2017-12-15 16:25:49 2 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http rh.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSC0zVd6pjOUVWlktvNnaI0Pah3iQQUq4sRSQsqAmJ1SpvFAiCghNJL%2BN4CEH0aoA02oatPgEwVOASHYeA%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1782 378 - "none" "none" 2017-12-15 16:25:49 9 172.30.37.152 a55003-aya$ - policy_denied DENIED "Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http rh.symcd.com 80 /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSC0zVd6pjOUVWlktvNnaI0Pah3iQQUq4sRSQsqAmJ1SpvFAiCghNJL%2BN4CEH0aoA02oatPgEwVOASHYeA%3D - - "Microsoft-CryptoAPI/6.1" 172.16.1.188 1206 954 - "none" "none" 2017-12-15 16:25:49 7 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http rh.symcb.com 80 /rh.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1472 143 - "none" "none" 2017-12-15 16:25:49 2 172.30.37.152 - - authentication_failed DENIED "Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http rh.symcb.com 80 /rh.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1672 268 - "none" "none" 2017-12-15 16:25:49 8 172.30.37.152 a55003-aya$ - policy_denied DENIED "Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http rh.symcb.com 80 /rh.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1095 844 - "none" "none" 2017-12-15 16:25:49 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 306 79 - "Office 365 Exchange" "none" 2017-12-15 16:25:49 1 172.23.4.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:49 2 172.23.4.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:49 3 172.23.4.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:49 1 172.23.4.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:49 2 172.23.4.200 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:49 3 172.23.4.200 anonymous%20logon - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 280 - "none" "none" 2017-12-15 16:25:50 2 192.168.11.95 - - authentication_failed DENIED "o356;Email" - 407 TCP_DENIED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 489 168 - "Office 365 Exchange" "none" 2017-12-15 16:25:50 1 172.23.7.132 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 1 172.23.7.132 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 4 172.23.7.132 v10006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 1 172.23.7.132 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 1 172.23.7.132 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 3 172.23.7.132 v10006$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 5 172.23.7.132 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27238 - "none" "none" 2017-12-15 16:25:50 2 172.23.7.132 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:50 27 172.23.7.132 v10006$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27927 - "none" "none" 2017-12-15 16:25:50 1 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 306 179 - "none" "none" 2017-12-15 16:25:50 2 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30c7567b244cef71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 2 172.23.6.233 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30c7567b244cef71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 5 172.23.6.233 v20022$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?30c7567b244cef71 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:50 2 172.23.8.210 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp iecvlist.microsoft.com 443 / - - "Internet Explorer" 172.16.1.188 489 268 - "none" "none" 2017-12-15 16:25:51 6 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ebb47fdfc7ba2840 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:51 2 172.23.0.75 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ebb47fdfc7ba2840 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:51 5 172.23.0.75 v20133$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?ebb47fdfc7ba2840 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:51 1 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:51 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:51 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 306 164 - "none" "none" 2017-12-15 16:25:51 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 489 253 - "none" "none" 2017-12-15 16:25:51 3 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED CONNECT - tcp ping3.teamviewer.com 443 / - - "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 184 429 - "none" "none" 2017-12-15 16:25:52 1 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:52 1 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:52 2 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:52 4 172.23.6.105 v15016$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:25:52 2 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:52 2 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:52 2 172.23.6.105 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:52 5 172.23.6.105 v15016$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:25:52 1 172.23.9.35 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?47db0c5a56dd73a5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:52 2 172.23.9.35 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?47db0c5a56dd73a5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:52 29 172.23.9.35 v05143$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?47db0c5a56dd73a5 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:53 31044 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 71539 2800 - "YouTube" "none" 2017-12-15 16:25:53 1 172.23.7.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cc66e6f0e4a60a75 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:53 2 172.23.7.142 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cc66e6f0e4a60a75 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:53 4 172.23.7.142 v10008$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?cc66e6f0e4a60a75 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:53 1 172.16.46.126 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 306 69 - "none" "none" 2017-12-15 16:25:53 2 172.16.46.126 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 489 158 - "none" "none" 2017-12-15 16:25:53 5 172.16.46.126 administrator - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 252 774 - "none" "none" 2017-12-15 16:25:53 2 172.16.46.126 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 489 158 - "none" "none" 2017-12-15 16:25:53 4 172.16.46.126 administrator - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp tools.google.com 443 / - - - 172.16.1.188 252 774 - "none" "none" 2017-12-15 16:25:54 1778121 172.23.8.14 1126 BKI\VIP_Int - OBSERVED "Technology/Internet" - 200 TCP_TUNNELED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 7612 3082 - "none" "none" 2017-12-15 16:25:54 1 172.23.8.14 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 306 248 - "none" "none" 2017-12-15 16:25:54 7 172.23.8.14 - - authentication_failed DENIED "Technology/Internet" - 407 TCP_DENIED CONNECT - tcp safebrowsing.googleapis.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 489 337 - "none" "none" 2017-12-15 16:25:55 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 5 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 3 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 1 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 353 236 - "none" "none" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 4 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED HEAD - http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 536 361 - "none" "none" 2017-12-15 16:25:55 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 4 172.23.8.186 v05054$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS HEAD application/vnd.ms-cab-compressed http sccmwsussrv01.bki.co.th 8530 /selfupdate/wuident.cab ?1712151625 cab "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 326 925 - "none" "none" 2017-12-15 16:25:55 1 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?42569362d2ecef42 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 2 172.23.8.186 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?42569362d2ecef42 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?42569362d2ecef42 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:55 7 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 306 226 - "Facebook" "none" 2017-12-15 16:25:55 5 172.23.5.238 - - authentication_failed DENIED "Social Networking" - 407 TCP_DENIED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 489 315 - "Facebook" "none" 2017-12-15 16:25:56 1 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 783 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 589 - "none" "none" 2017-12-15 16:25:56 17 172.23.8.186 v05054$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /SimpleAuthWebService/SimpleAuth.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1487 1472 - "none" "none" 2017-12-15 16:25:56 1 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:56 1 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 1993 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.186 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 564 - "none" "none" 2017-12-15 16:25:56 34 172.23.8.186 v05054$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1004 2682 - "none" "none" 2017-12-15 16:25:56 33793 172.20.0.221 3008 BKI\Dept_Motor%20Claim%20Department%20Group - OBSERVED "Audio/Video Clips" - 200 TCP_TUNNELED CONNECT - tcp r6---sn-w5nuxa-c33le.googlevideo.com 443 / - - "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 172.16.1.188 2014683 9049 - "YouTube" "none" 2017-12-15 16:25:56 1 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:56 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:56 1 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 306 91 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.186 - - authentication_failed DENIED "o356;Technology/Internet;Web Ads/Analytics" - 407 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 489 180 - "none" "none" 2017-12-15 16:25:56 4 172.23.8.186 v05054$ - policy_denied DENIED "o356;Technology/Internet;Web Ads/Analytics" - 403 TCP_DENIED CONNECT - tcp sqm.telemetry.microsoft.com 443 / - - - 172.16.1.188 184 744 - "none" "none" 2017-12-15 16:25:56 1 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6726d83421de2a4 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 3 172.23.0.175 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6726d83421de2a4 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 8 172.23.0.175 clone-win7$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?c6726d83421de2a4 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 938 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 1 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?32d02eb29d3a16a8 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 3 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?32d02eb29d3a16a8 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 5 172.23.8.0 p02031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?32d02eb29d3a16a8 cab "Microsoft-CryptoAPI/6.1" 172.16.1.188 1178 914 - "Microsoft Update" "Update Software" 2017-12-15 16:25:56 6 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1509 185 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1709 310 - "none" "none" 2017-12-15 16:25:56 3 172.23.8.0 p02031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/microsoftrootcert.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1132 862 - "none" "none" 2017-12-15 16:25:56 1 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1515 191 - "none" "none" 2017-12-15 16:25:56 2 172.23.8.0 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1715 316 - "none" "none" 2017-12-15 16:25:56 4 172.23.8.0 p02031$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http crl.microsoft.com 80 /pki/crl/products/MicCodSigPCA_08-31-2010.crl - crl "Microsoft-CryptoAPI/6.1" 172.16.1.188 1138 868 - "none" "none" 2017-12-15 16:25:56 96 172.23.8.186 v05054$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1067 103594 - "none" "none" 2017-12-15 16:25:57 21 172.23.8.186 v05054$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ClientWebService/client.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1076 102642 - "none" "none" 2017-12-15 16:25:57 2 172.23.10.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b66fa379d8f50a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:57 2 172.23.10.140 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b66fa379d8f50a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:57 4 172.23.10.140 v11052$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?b66fa379d8f50a53 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:57 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:57 27865 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 7593 10558 - "Office 365 Exchange" "none" 2017-12-15 16:25:57 33317 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 6762 24755 - "Office 365 Exchange" "none" 2017-12-15 16:25:57 27200 192.168.11.95 4060 BKI\Information%20Technology%20Group - OBSERVED "o356;Email" - 200 TCP_TUNNELED CONNECT - tcp outlook.office365.com 443 / - - - 172.16.1.188 20123 27416 - "Office 365 Exchange" "none" 2017-12-15 16:25:57 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:57 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:57 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:57 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:57 2 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1540 231 - "none" "none" 2017-12-15 16:25:57 3 172.16.11.22 - - authentication_failed DENIED "Online Meetings;Remote Access Tools" - 407 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1740 320 - "none" "none" 2017-12-15 16:25:57 4 172.16.11.22 unwadmin - policy_denied DENIED "Online Meetings;Remote Access Tools" - 403 TCP_DENIED GET - http ping3.teamviewer.com 80 /din.aspx ?s=00000000&id=704417881&client=DynGate&p=10000001 aspx "Mozilla/4.0 (compatible; MSIE 6.0; DynGate)" 172.16.1.188 1163 496 - "none" "none" 2017-12-15 16:25:58 2507 172.23.5.238 2568 BKI\Internet%20Group - OBSERVED "Social Networking" - 200 TCP_TUNNELED CONNECT - tcp www.facebook.com 443 / - - "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" 172.16.1.188 1602 3077 - "Facebook" "none" 2017-12-15 16:25:58 1 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 1 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 13 172.23.9.86 vt70104$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 1 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 1 172.23.9.86 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 5 172.23.9.86 vt70104$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp sls.update.microsoft.com 443 / - - - 172.16.1.188 184 742 - "Microsoft Update" "Update Software" 2017-12-15 16:25:58 4 172.23.9.86 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1202 27273 - "none" "none" 2017-12-15 16:25:58 2 172.23.9.86 - - authentication_failed PROXIED "Financial Services" - 407 TCP_DENIED POST - http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1402 563 - "none" "none" 2017-12-15 16:25:58 20 172.23.9.86 vt70104$ - - PROXIED "Financial Services" - 200 TCP_NC_MISS POST text/xml;%20charset=utf-8 http sccmwsussrv01.bki.co.th 8530 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 608 27966 - "none" "none" 2017-12-15 16:25:59 1 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:59 1 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 306 77 - "none" "none" 2017-12-15 16:25:59 1 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 489 166 - "none" "none" 2017-12-15 16:25:59 4 172.23.7.224 v16050$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED CONNECT - tcp fe2.ws.microsoft.com 443 / - - - 172.16.1.188 184 730 - "none" "none" 2017-12-15 16:25:59 1 172.23.8.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26e20b5824b5498 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1555 237 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.8.202 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26e20b5824b5498 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1755 362 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 4 172.23.8.202 v05070$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED GET - http ctldl.windowsupdate.com 80 /msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab ?d26e20b5824b5498 cab "Microsoft-CryptoAPI/6.3" 172.16.1.188 1178 926 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1515 2449 - "none" "none" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Technology/Internet" - 407 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1715 557 - "none" "none" 2017-12-15 16:25:59 4 172.23.7.224 v16050$ - policy_denied DENIED "o356;Technology/Internet" - 403 TCP_DENIED POST - http statsfe2.ws.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1138 3138 - "none" "none" 2017-12-15 16:25:59 1 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 1 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 306 85 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 489 174 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 4 172.23.7.224 v16050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED CONNECT - tcp fe2.update.microsoft.com 443 / - - - 172.16.1.188 184 738 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1527 2447 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 2 172.23.7.224 - - authentication_failed DENIED "o356;Non-Viewable/Infrastructure" - 407 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1727 565 - "Microsoft Update" "Update Software" 2017-12-15 16:25:59 5 172.23.7.224 v16050$ - policy_denied DENIED "o356;Non-Viewable/Infrastructure" - 403 TCP_DENIED POST - http statsfe2.update.microsoft.com 80 /ReportingWebService/ReportingWebService.asmx - asmx "Windows-Update-Agent/7.9.9600.17195 Client-Protocol/1.21" 172.16.1.188 1150 3136 - "Microsoft Update" "Update Software"