Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-usps-bkisbjls.xyz/update/

Overview

General Information

Sample URL:https://us-usps-bkisbjls.xyz/update/
Analysis ID:1526891
Tags:openphish
Infos:
Errors
  • URL not reachable

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Performs DNS queries to domains with low reputation
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6224 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5648 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=2176,i,18000082248122258281,17991802055432025965,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-bkisbjls.xyz/update/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://us-usps-bkisbjls.xyz/update/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49721 version: TLS 1.0
Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49717 version: TLS 1.2

Networking

barindex
Performs DNS queries to domains with low reputation
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: DNS query: us-usps-bkisbjls.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-bkisbjls.xyz
Source: DNS query: us-usps-bkisbjls.xyz
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49721 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: us-usps-bkisbjls.xyz
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: classification engineClassification label: mal52.troj.win@19/6@12/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=2176,i,18000082248122258281,17991802055432025965,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-bkisbjls.xyz/update/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=2176,i,18000082248122258281,17991802055432025965,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-usps-bkisbjls.xyz/update/100%SlashNextFraudulent Website type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
google.com
142.250.184.238
truefalse
    		unknown
    www.google.com
    		142.250.74.196
    		truefalse
      		unknown
      s-part-0032.t-0009.t-msedge.net
      		13.107.246.60
      		truefalse
        		unknown
        fp2e7a.wpc.phicdn.net
        		192.229.221.95
        		truefalse
          		unknown
          us-usps-bkisbjls.xyz
          		unknown
          		unknowntrue
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse
            142.250.74.196
            		www.google.comUnited States
            		15169GOOGLEUSfalse

            Private

            IP
            192.168.2.5

            General Information

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1526891
            Start date and time:2024-10-06 17:34:22 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 2m 2s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://us-usps-bkisbjls.xyz/update/
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:6
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal52.troj.win@19/6@12/3
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • URL browsing timeout or error

            Errors

            • URL not reachable

            Warnings

            • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.185.195, 142.250.184.206, 64.233.166.84, 34.104.35.123, 184.28.90.27, 4.175.87.197, 2.19.126.137, 2.19.126.163, 192.229.221.95, 20.3.187.198
            • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, a767.dspw65.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtSetInformationFile calls found.
            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
            • VT rate limit hit for: https://us-usps-bkisbjls.xyz/update/

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASNs

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 14:35:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.9698403938881985
            Encrypted:false
            SSDEEP:48:8cd0T4IIHNidAKZdA19ehwiZUklqehGfy+3:8v3Ghfy
            MD5:D8AF2205C58CFD560A5959C66B60E43F
            SHA1:C1DA406730E7218F9C4E9F923752A64F3DD47144
            SHA-256:BD4A3B7384A8FCF42B3E15E7FB420CB40BBB0825D99136A3B15ACC2474B1F011
            SHA-512:34F050E0E10BDCC419CB87625E66F07579BAA82F8B97B645ECB6E89BA1CF8B12918B3A0EA1BB90D938061A925A66D41532F8C7E43B6AFFED1AD3B1126C53DD07
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.....n.X....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFYj|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 14:35:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.9875032093301392
            Encrypted:false
            SSDEEP:48:85d0T4IIHNidAKZdA1weh/iZUkAQkqehRfy+2:8A3E9QEfy
            MD5:4D4EF6F99A3F2762F1D81F4CF63F55EE
            SHA1:D81DF30C77D00607711528A231CC8F095E4FAED9
            SHA-256:81972D31B15C9571FE0772969152B36DD5317B1C9E36BC149BB095B6D6326F0F
            SHA-512:92CE76775BC826CD335A0A4F9E87DD032158B90378ECDC202EAE60D64F16E694079FD5019E2F8FF26F448B54FA4781A4BC4AFB7BDAE42043E4F52EEE8AE133D2
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.......X....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFYj|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2693
            Entropy (8bit):4.000141420093476
            Encrypted:false
            SSDEEP:48:8xBd0T4IsHNidAKZdA14tseh7sFiZUkmgqeh7sHfy+BX:8xo3wnVfy
            MD5:3E351274B05F267238F09C5A5DC151ED
            SHA1:9CF22EF071AB7DA7D2C8F95EC3C076A00973AE7E
            SHA-256:D6E83C76F4C8D7FD0A50376F7CBEB5217BF13FF0179A835994A2DDBCB3572A9C
            SHA-512:3C23DBE6920EAE068B77F924A328FC080D4AB73A3C998915DA5F91540CF3454CF0D0C4D954E558A138643992870A353088A80AE3A387C551DB57931B94291111
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 14:35:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9848313554934927
            Encrypted:false
            SSDEEP:48:8aFd0T4IIHNidAKZdA1vehDiZUkwqehdfy+R:8aM3PPfy
            MD5:87271173CC1E0AF7BE61537F2B7B11B8
            SHA1:8E6ADB90D982A090F96DDBFBFCF020BEE316C53F
            SHA-256:B72D622049A3B669D93F09B9EADDC0C4948ABFE4670AD5B3BE8423C7A389E5D2
            SHA-512:E6EF48B30FE69E720CF34160CEE0DDADFE09CA5EB0622139004008819263E24B62E23E461D0D54AC345CE0340846889EBA0B8C73CFC72016CCF9F91B8B655C80
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....5?.X....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFYj|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 14:35:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9738739446948044
            Encrypted:false
            SSDEEP:48:8Wd0T4IIHNidAKZdA1hehBiZUk1W1qeh7fy+C:8t3v9bfy
            MD5:6A0E3C245562B4C09DB1A4CF291AB201
            SHA1:3D968ADB6A9B4596A52A784D57E2A9ACB279CB50
            SHA-256:78EDCADD4ACF5284AF323828E6E2C1C538A408079EE4ECA82381B4481B6D3C7C
            SHA-512:F688F1E488901946B60B82124E9FAC9568EF075AEEF2B6B03897BD8F7AAAAB5EEAD8202E05943D9E2057083DB87F67CE0371C7EB44E7E2BB0C62440B6A6D60D7
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....}G.X....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFYj|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 14:35:18 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2683
            Entropy (8bit):3.984882885351551
            Encrypted:false
            SSDEEP:48:8Ad0T4IIHNidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbVfy+yT+:8D3nT/TbxWOvTbVfy7T
            MD5:9639E060CD374013599679AB72327E55
            SHA1:A459D47CBC237F125AC6A990ABAF453DEBE8DC11
            SHA-256:5213CCB25F322E3219847FEE083CBE43FDBF03E54634ADCF27F574FE7D1F48A6
            SHA-512:5382EE56632F72B78C233AFA9B445325FACA6A63F74F49993B3587E6C5DCD8FFAF44069390BF65EC313598EECF393AB97CCE05E311EE0A018A322122B5C9EB82
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....0..X....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFYh|....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFYh|....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFYh|....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFYh|..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFYj|...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 17:35:10.411876917 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:10.490010977 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:10.521188974 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:20.042483091 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:20.107471943 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:20.230804920 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:21.522780895 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:21.522829056 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:21.523392916 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:21.524262905 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:21.524281025 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:21.766627073 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 17:35:21.766747952 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:22.176707029 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:22.186264038 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:22.186295986 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:22.190068960 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:22.190148115 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:22.209074020 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:22.209223032 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:22.260740995 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:22.260780096 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:22.307615995 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:32.088201046 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:32.088350058 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:32.090826035 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:32.540255070 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:32.540354013 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:32.540438890 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:32.541367054 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:32.541399956 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.202162981 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.202466011 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.204929113 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.204957008 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.205388069 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.218420029 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.263403893 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.283211946 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.283407927 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.283694983 CEST49721443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.283751011 CEST4434972123.1.237.91192.168.2.5
            Oct 6, 2024 17:35:33.283838034 CEST49721443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.284106970 CEST49721443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.284127951 CEST4434972123.1.237.91192.168.2.5
            Oct 6, 2024 17:35:33.287985086 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 17:35:33.288144112 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 17:35:33.318211079 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.318335056 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.318380117 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.318526030 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.318526030 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.318559885 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.322416067 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.405787945 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.405854940 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.405906916 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.405946016 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.405982971 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.406208038 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.407247066 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.407289982 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.407330990 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.407340050 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.407370090 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.407407045 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.493419886 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.493477106 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.493525982 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.493554115 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.493582010 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.494240999 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.494359970 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.494409084 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.494456053 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.494468927 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.494508028 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.495336056 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.495407104 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.495461941 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.495476961 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.495524883 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.495735884 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.496259928 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.496299982 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.496342897 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.496357918 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.496393919 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.496556044 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.582439899 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.582490921 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.582632065 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.582632065 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.582663059 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.582988024 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.583029032 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583035946 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.583074093 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.583086014 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583142996 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583142996 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583791018 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.583841085 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.583911896 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583911896 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.583921909 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.584433079 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.584484100 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.584539890 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.584549904 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.584582090 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.585205078 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.585242987 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.585246086 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.585275888 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.585284948 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.585310936 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.585936069 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.585977077 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.585982084 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.586008072 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.586021900 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.586081028 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.586081028 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.586098909 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.586251020 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.586282969 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.590404987 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.624351025 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.625725985 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.625765085 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.625812054 CEST49717443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.625828981 CEST4434971713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.701057911 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.701131105 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.701335907 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.703222036 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.703269005 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.703424931 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.705985069 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.706026077 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.706192017 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.706234932 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.706450939 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.706453085 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.706468105 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.706969023 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.706981897 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.708448887 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.708497047 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.708693981 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.710232019 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.710238934 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.710375071 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.710659027 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.710671902 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.711060047 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:33.711069107 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:33.885519981 CEST4434972123.1.237.91192.168.2.5
            Oct 6, 2024 17:35:33.885844946 CEST49721443192.168.2.523.1.237.91
            Oct 6, 2024 17:35:33.973149061 CEST49711443192.168.2.5142.250.74.196
            Oct 6, 2024 17:35:33.973184109 CEST44349711142.250.74.196192.168.2.5
            Oct 6, 2024 17:35:34.342096090 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.342753887 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.342782021 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.343096972 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.343446016 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.343468904 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.344532013 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.344810009 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.344815016 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.345066071 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.345072985 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.345136881 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.345182896 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.345505953 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.345510960 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.349308968 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.349674940 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.349685907 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.350161076 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.350172043 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.440830946 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.440877914 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.440934896 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.440969944 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441076994 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441082954 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441188097 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441379070 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441411972 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441426039 CEST49724443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441433907 CEST4434972413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441719055 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441736937 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441791058 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441812038 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.441962957 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.441987038 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.442006111 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.442090034 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.442114115 CEST4434972613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.442162991 CEST49726443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.444346905 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.444422007 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.444472075 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.444587946 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.444601059 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.444611073 CEST49723443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.444614887 CEST4434972313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.445712090 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.445732117 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.445796967 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.445904970 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.445938110 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.445990086 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.446100950 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.446113110 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.446208954 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.446218967 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.447297096 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.447304964 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.447370052 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.447546005 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.447552919 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.447886944 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.448007107 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.448071003 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.448143005 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.448174000 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.448199987 CEST49725443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.448214054 CEST4434972513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.450248957 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.450262070 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:34.450325012 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.450443029 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:34.450452089 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.080552101 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.081155062 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.081187010 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.083101988 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.083106995 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.086467981 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.086862087 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.086874008 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.087280989 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.087285995 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.108378887 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.108795881 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.108834982 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.109308004 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.109314919 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.122522116 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.122879028 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.122899055 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.123328924 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.123333931 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.180356026 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.180423021 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.180583954 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.180618048 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.180638075 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.180649042 CEST49728443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.180655003 CEST4434972813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.183284044 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.183326006 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.183404922 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.183545113 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.183566093 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.185009956 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.185084105 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.185180902 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.185199976 CEST49731443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.185204029 CEST4434973113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.187436104 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.187473059 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.187549114 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.187690020 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.187700033 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.211632013 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.211678982 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.211759090 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.211828947 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.211849928 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.211864948 CEST49730443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.211870909 CEST4434973013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.213577032 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.213596106 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.213752031 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.213882923 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.213890076 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.227955103 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.228104115 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.228152037 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.228172064 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.228177071 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.228192091 CEST49729443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.228197098 CEST4434972913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.230000019 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.230055094 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.230155945 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.230223894 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.230242968 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.851725101 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.852313995 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.852339029 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.853039026 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.853394032 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.853415012 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.853991985 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.853996992 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.854063034 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.854068995 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.874135017 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.874574900 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.874583006 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.875000000 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.875005007 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.932341099 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.932838917 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.932867050 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.933327913 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.933336020 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.956010103 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.956094027 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.956156969 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.956324100 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.956357956 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.956377983 CEST49732443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.956386089 CEST4434973213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959130049 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959219933 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959273100 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.959378004 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.959398031 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959412098 CEST49733443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.959418058 CEST4434973313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959773064 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.959820032 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.959942102 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.960056067 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.960069895 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.961782932 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.961839914 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.961906910 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.962055922 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.962073088 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.977057934 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.977117062 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.977210999 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.977271080 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.977277040 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.977286100 CEST49734443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.977289915 CEST4434973413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.979691982 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.979751110 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:35.979809999 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.979931116 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:35.979947090 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.037180901 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.037278891 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.037338018 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.037512064 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.037553072 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.037568092 CEST49735443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.037576914 CEST4434973513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.040755987 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.040853024 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.041085005 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.041239023 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.041270971 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.324160099 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.325155973 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.325185061 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.325589895 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.325596094 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.422775030 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.422804117 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.423119068 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.423121929 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.423233986 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.423233986 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.423734903 CEST49722443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.423753023 CEST4434972213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.426300049 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.426342010 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.426485062 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.426618099 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.426630974 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.599533081 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.600414991 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.600439072 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.603651047 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.603662014 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.606430054 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.607645988 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.607682943 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.610162973 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.610168934 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.612371922 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.612844944 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.612860918 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.613390923 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.613395929 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.698303938 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.698374987 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.698666096 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.698666096 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.698807955 CEST49736443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.698838949 CEST4434973613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.701740980 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.701842070 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.701961040 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.702080011 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.702110052 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.706675053 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.706825972 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.706928968 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.706928968 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.708586931 CEST49737443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.708615065 CEST4434973713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.708653927 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.709439993 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.709464073 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.710458994 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.710458994 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.710474014 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.710494041 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.710527897 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.710699081 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.710717916 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.711936951 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.711977959 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.712213039 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.712213039 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.713000059 CEST49738443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.713017941 CEST4434973813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.714732885 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.714775085 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.715068102 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.715068102 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.715096951 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.811346054 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.811460018 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.811661005 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.811661005 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.811686993 CEST49739443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.811701059 CEST4434973913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.814934015 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.814974070 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:36.815251112 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.815251112 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:36.815275908 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.073059082 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.073641062 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.073667049 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.074376106 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.074383974 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.172451973 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.172624111 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.172779083 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.172815084 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.172815084 CEST49740443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.172838926 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.172848940 CEST4434974013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.176383972 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.176426888 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.176597118 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.176979065 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.176999092 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.358345032 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.358989000 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.359020948 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.359612942 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.359623909 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.363223076 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.363581896 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.363591909 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.364121914 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.364126921 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.388770103 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.389333010 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.389354944 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.389755011 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.389759064 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.459115982 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.459206104 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.459281921 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.465024948 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.465109110 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.465209007 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.465802908 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.465835094 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.465876102 CEST49741443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.465884924 CEST4434974113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.466322899 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.466329098 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.466342926 CEST49742443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.466346979 CEST4434974213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.470470905 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.470520973 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.470675945 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.471612930 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.471707106 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.471771955 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.477010965 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.477027893 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.477153063 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.477170944 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.483550072 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.484163046 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.484170914 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.484848022 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.484850883 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.534179926 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.534240007 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.534339905 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.539223909 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.539249897 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.539263964 CEST49743443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.539269924 CEST4434974313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.551491976 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.551548958 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.551635981 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.555831909 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.555855036 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.595746040 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.595912933 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.595983982 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.598908901 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.598908901 CEST49744443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.598958015 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.599000931 CEST4434974413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.612231016 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.612294912 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.612370014 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.621082067 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.621105909 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.851995945 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.852565050 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.852591991 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.853195906 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.853204012 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.954222918 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.954410076 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.954531908 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.954586983 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.954615116 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.954709053 CEST49745443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.954716921 CEST4434974513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.958149910 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.958225012 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:37.958384991 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.958573103 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:37.958587885 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.123251915 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.123836994 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.123898029 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.124385118 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.124401093 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.138123989 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.138605118 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.138631105 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.139358044 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.139370918 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.200628996 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.201170921 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.201217890 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.201761961 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.201769114 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.221549034 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.221613884 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.221687078 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.221903086 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.221903086 CEST49747443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.221951008 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.221977949 CEST4434974713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.225907087 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.225986958 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.226082087 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.226314068 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.226349115 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.242523909 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.242687941 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.242755890 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.242882013 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.242911100 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.242929935 CEST49746443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.242945910 CEST4434974613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.246870995 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.246958971 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.247034073 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.247278929 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.247313023 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.255912066 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.256514072 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.256530046 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.257226944 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.257230997 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.297552109 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.297638893 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.297743082 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.297926903 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.297955036 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.297976971 CEST49748443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.297983885 CEST4434974813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.301673889 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.301712036 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.301810026 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.302007914 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.302017927 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.354640961 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.354729891 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.354949951 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.354999065 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.355012894 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.355036020 CEST49749443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.355041981 CEST4434974913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.358758926 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.358793020 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.358886003 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.359174967 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.359183073 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.610160112 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.610686064 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.610708952 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.611323118 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.611326933 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.710978031 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.711105108 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.711246014 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.711285114 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.711304903 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.711314917 CEST49750443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.711321115 CEST4434975013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.714277983 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.714334011 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.714401960 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.714570045 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.714591980 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.872936964 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.873658895 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.873733044 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.874403000 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.874417067 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.894606113 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.895054102 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.895090103 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.895641088 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.895646095 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.936639071 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.937277079 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.937300920 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.937747955 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.937756062 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.974162102 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.974296093 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.974428892 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.974483967 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.974483967 CEST49751443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.974518061 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.974540949 CEST4434975113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.977847099 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.977883101 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.977947950 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.978107929 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.978127956 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.995285034 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.995342016 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.995392084 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.995584965 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.995608091 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.995624065 CEST49752443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.995630980 CEST4434975213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.998414993 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.998460054 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:38.998542070 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.998796940 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:38.998809099 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.019411087 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.019875050 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.019896984 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.020432949 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.020437956 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.037276030 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.037352085 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.037488937 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.037518024 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.037528038 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.037545919 CEST49753443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.037550926 CEST4434975313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.040508032 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.040546894 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.040613890 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.040755033 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.040767908 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.122396946 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.122474909 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.122539043 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.122737885 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.122751951 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.122769117 CEST49754443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.122773886 CEST4434975413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.125986099 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.126033068 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.126102924 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.126400948 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.126415014 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.392652988 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.393198013 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.393238068 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.393945932 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.393953085 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.497827053 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.497977018 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.498475075 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.498548031 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.498581886 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.498599052 CEST49755443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.498605967 CEST4434975513.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.501976013 CEST49760443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.502029896 CEST4434976013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.502091885 CEST49760443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.502233982 CEST49760443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.502254009 CEST4434976013.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.615124941 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.615653992 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.615695000 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.616266966 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.616272926 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.661520958 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.662214041 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.662259102 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.662889957 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.662898064 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.687793016 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.688348055 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.688368082 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.688971043 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.688976049 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.715248108 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.715328932 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.715507984 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.715553999 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.715553999 CEST49756443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.715578079 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.715589046 CEST4434975613.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.718456984 CEST49761443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.718502045 CEST4434976113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.718601942 CEST49761443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.718760014 CEST49761443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.718774080 CEST4434976113.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.764605045 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.764674902 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.764940977 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.765031099 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.765074015 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.765110970 CEST49757443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.765126944 CEST4434975713.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.767220020 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.767608881 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.767671108 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.768033028 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.768049002 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.768224001 CEST49762443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.768271923 CEST4434976213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.768349886 CEST49762443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.768472910 CEST49762443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.768490076 CEST4434976213.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.826472998 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.826565027 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.826625109 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.826900005 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.826925993 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.826941013 CEST49758443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.826948881 CEST4434975813.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.831219912 CEST49763443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.831314087 CEST4434976313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.831423044 CEST49763443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.831578970 CEST49763443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.831613064 CEST4434976313.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.868464947 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.868626118 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.868699074 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.868782043 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.868812084 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.868837118 CEST49759443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.868850946 CEST4434975913.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.871865988 CEST49764443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.871936083 CEST4434976413.107.246.60192.168.2.5
            Oct 6, 2024 17:35:39.872019053 CEST49764443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.872155905 CEST49764443192.168.2.513.107.246.60
            Oct 6, 2024 17:35:39.872194052 CEST4434976413.107.246.60192.168.2.5

            UDP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 17:35:17.014734030 CEST53618531.1.1.1192.168.2.5
            Oct 6, 2024 17:35:17.048418999 CEST53537281.1.1.1192.168.2.5
            Oct 6, 2024 17:35:18.419537067 CEST53577181.1.1.1192.168.2.5
            Oct 6, 2024 17:35:18.964637041 CEST6441953192.168.2.51.1.1.1
            Oct 6, 2024 17:35:18.964972973 CEST5069453192.168.2.51.1.1.1
            Oct 6, 2024 17:35:19.014981985 CEST53644191.1.1.1192.168.2.5
            Oct 6, 2024 17:35:19.015022039 CEST53506941.1.1.1192.168.2.5
            Oct 6, 2024 17:35:19.016088009 CEST5107653192.168.2.51.1.1.1
            Oct 6, 2024 17:35:19.024748087 CEST53510761.1.1.1192.168.2.5
            Oct 6, 2024 17:35:19.085164070 CEST5508853192.168.2.58.8.8.8
            Oct 6, 2024 17:35:19.085490942 CEST5189253192.168.2.51.1.1.1
            Oct 6, 2024 17:35:19.092356920 CEST53550888.8.8.8192.168.2.5
            Oct 6, 2024 17:35:19.093389034 CEST53518921.1.1.1192.168.2.5
            Oct 6, 2024 17:35:20.130213976 CEST5408653192.168.2.51.1.1.1
            Oct 6, 2024 17:35:20.130574942 CEST5789453192.168.2.51.1.1.1
            Oct 6, 2024 17:35:20.140007019 CEST53540861.1.1.1192.168.2.5
            Oct 6, 2024 17:35:20.140209913 CEST53578941.1.1.1192.168.2.5
            Oct 6, 2024 17:35:21.512793064 CEST5055653192.168.2.51.1.1.1
            Oct 6, 2024 17:35:21.513855934 CEST6428453192.168.2.51.1.1.1
            Oct 6, 2024 17:35:21.519989014 CEST53505561.1.1.1192.168.2.5
            Oct 6, 2024 17:35:21.520622969 CEST53642841.1.1.1192.168.2.5
            Oct 6, 2024 17:35:25.187330961 CEST6279953192.168.2.51.1.1.1
            Oct 6, 2024 17:35:25.187642097 CEST5026253192.168.2.51.1.1.1
            Oct 6, 2024 17:35:25.478281975 CEST53627991.1.1.1192.168.2.5
            Oct 6, 2024 17:35:25.478328943 CEST53502621.1.1.1192.168.2.5
            Oct 6, 2024 17:35:25.479181051 CEST5940753192.168.2.51.1.1.1
            Oct 6, 2024 17:35:25.498205900 CEST53594071.1.1.1192.168.2.5
            Oct 6, 2024 17:35:35.481441021 CEST53633341.1.1.1192.168.2.5

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
            Oct 6, 2024 17:35:18.964637041 CEST192.168.2.51.1.1.10xe943Standard query (0)us-usps-bkisbjls.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:18.964972973 CEST192.168.2.51.1.1.10x8d0cStandard query (0)us-usps-bkisbjls.xyz65IN (0x0001)false
            Oct 6, 2024 17:35:19.016088009 CEST192.168.2.51.1.1.10xf14fStandard query (0)us-usps-bkisbjls.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:19.085164070 CEST192.168.2.58.8.8.80x41f1Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:19.085490942 CEST192.168.2.51.1.1.10x5a1eStandard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:20.130213976 CEST192.168.2.51.1.1.10x2e8dStandard query (0)us-usps-bkisbjls.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:20.130574942 CEST192.168.2.51.1.1.10x871eStandard query (0)us-usps-bkisbjls.xyz65IN (0x0001)false
            Oct 6, 2024 17:35:21.512793064 CEST192.168.2.51.1.1.10x1c7eStandard query (0)www.google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:21.513855934 CEST192.168.2.51.1.1.10xe21cStandard query (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 17:35:25.187330961 CEST192.168.2.51.1.1.10x982eStandard query (0)us-usps-bkisbjls.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:25.187642097 CEST192.168.2.51.1.1.10x108cStandard query (0)us-usps-bkisbjls.xyz65IN (0x0001)false
            Oct 6, 2024 17:35:25.479181051 CEST192.168.2.51.1.1.10xa16cStandard query (0)us-usps-bkisbjls.xyzA (IP address)IN (0x0001)false

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
            Oct 6, 2024 17:35:19.014981985 CEST1.1.1.1192.168.2.50xe943Name error (3)us-usps-bkisbjls.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:19.015022039 CEST1.1.1.1192.168.2.50x8d0cName error (3)us-usps-bkisbjls.xyznonenone65IN (0x0001)false
            Oct 6, 2024 17:35:19.024748087 CEST1.1.1.1192.168.2.50xf14fName error (3)us-usps-bkisbjls.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:19.092356920 CEST8.8.8.8192.168.2.50x41f1No error (0)google.com142.250.184.238A (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:19.093389034 CEST1.1.1.1192.168.2.50x5a1eNo error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:20.140007019 CEST1.1.1.1192.168.2.50x2e8dName error (3)us-usps-bkisbjls.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:20.140209913 CEST1.1.1.1192.168.2.50x871eName error (3)us-usps-bkisbjls.xyznonenone65IN (0x0001)false
            Oct 6, 2024 17:35:21.519989014 CEST1.1.1.1192.168.2.50x1c7eNo error (0)www.google.com142.250.74.196A (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:21.520622969 CEST1.1.1.1192.168.2.50xe21cNo error (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 17:35:25.478281975 CEST1.1.1.1192.168.2.50x982eName error (3)us-usps-bkisbjls.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:25.478328943 CEST1.1.1.1192.168.2.50x108cName error (3)us-usps-bkisbjls.xyznonenone65IN (0x0001)false
            Oct 6, 2024 17:35:25.498205900 CEST1.1.1.1192.168.2.50xa16cName error (3)us-usps-bkisbjls.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:32.538732052 CEST1.1.1.1192.168.2.50x44beNo error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 17:35:32.538732052 CEST1.1.1.1192.168.2.50x44beNo error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
            Oct 6, 2024 17:35:32.558254004 CEST1.1.1.1192.168.2.50x7842No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 17:35:32.558254004 CEST1.1.1.1192.168.2.50x7842No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

            HTTP Request Dependency Graph

            • otelrules.azureedge.net

            HTTPS Proxied Packets

            Session IDSource IPSource PortDestination IPDestination Port
            0192.168.2.54971713.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:33 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:33 UTC540INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:33 GMT
            Content-Type: text/plain
            Content-Length: 218853
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public
            Last-Modified: Fri, 04 Oct 2024 23:21:50 GMT
            ETag: "0x8DCE4CB535A72FA"
            x-ms-request-id: 4dad204e-401e-005b-4bf5-169c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153533Z-1657d5bbd48lknvp09v995n79000000001r000000000mnh3
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:33 UTC15844INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
            Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
            2024-10-06 15:35:33 UTC16384INData Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e
            Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
            2024-10-06 15:35:33 UTC16384INData Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31
            Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
            2024-10-06 15:35:33 UTC16384INData Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
            Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
            2024-10-06 15:35:33 UTC16384INData Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f
            Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
            2024-10-06 15:35:33 UTC16384INData Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a
            Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
            2024-10-06 15:35:33 UTC16384INData Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63
            Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
            2024-10-06 15:35:33 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e
            Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
            2024-10-06 15:35:33 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20
            Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
            2024-10-06 15:35:33 UTC16384INData Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c
            Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <


            Session IDSource IPSource PortDestination IPDestination Port
            1192.168.2.54972613.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:34 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:34 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:34 GMT
            Content-Type: text/xml
            Content-Length: 2160
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA3B95D81"
            x-ms-request-id: c59bb0f9-701e-0097-2d01-17b8c1000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153534Z-1657d5bbd48xdq5dkwwugdpzr000000002d000000000mv61
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:34 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


            Session IDSource IPSource PortDestination IPDestination Port
            2192.168.2.54972413.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:34 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:34 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:34 GMT
            Content-Type: text/xml
            Content-Length: 2980
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: 8aaf7b13-d01e-0028-46fd-167896000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153534Z-1657d5bbd48vhs7r2p1ky7cs5w00000002k0000000003adp
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:34 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


            Session IDSource IPSource PortDestination IPDestination Port
            3192.168.2.54972313.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:34 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:34 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:34 GMT
            Content-Type: text/xml
            Content-Length: 450
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
            ETag: "0x8DC582BD4C869AE"
            x-ms-request-id: d4448e94-101e-00a2-2703-179f2e000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153534Z-1657d5bbd48xsz2nuzq4vfrzg80000000240000000002x9f
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:34 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


            Session IDSource IPSource PortDestination IPDestination Port
            4192.168.2.54972513.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:34 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:34 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:34 GMT
            Content-Type: text/xml
            Content-Length: 408
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB56D3AFB"
            x-ms-request-id: b27588a3-a01e-003d-6001-1798d7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153534Z-1657d5bbd48xlwdx82gahegw4000000002b000000000ep7p
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:34 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            5192.168.2.54972813.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 474
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
            ETag: "0x8DC582B9964B277"
            x-ms-request-id: 1be53f37-001e-00a2-0266-17d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48sdh4cyzadbb374800000001wg00000000pksd
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            6192.168.2.54973113.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 632
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB6E3779E"
            x-ms-request-id: 15158de7-401e-0029-4b00-179b43000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48wd55zet5pcra0cg00000002700000000049kn
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


            Session IDSource IPSource PortDestination IPDestination Port
            7192.168.2.54973013.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
            ETag: "0x8DC582BB10C598B"
            x-ms-request-id: 73fc0cc0-d01e-008e-5fee-16387a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48gqrfwecymhhbfm8000000011g000000006785
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            8192.168.2.54972913.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
            ETag: "0x8DC582B9F6F3512"
            x-ms-request-id: 1707b783-801e-00a3-53e5-167cfb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48q6t9vvmrkd293mg000000026g000000006m12
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            9192.168.2.54973213.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 467
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
            ETag: "0x8DC582BA6C038BC"
            x-ms-request-id: 87fc294c-201e-0051-40f3-167340000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48sdh4cyzadbb3748000000022g000000005fqv
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            10192.168.2.54973313.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
            ETag: "0x8DC582BBAD04B7B"
            x-ms-request-id: 789c8418-601e-0032-5905-17eebb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48brl8we3nu8cxwgn00000002c000000000pqv0
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            11192.168.2.54973413.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:35 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB344914B"
            x-ms-request-id: 0a3893d3-c01e-0082-33ee-16af72000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48sqtlf1huhzuwq7000000001vg00000000gssy
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:35 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            12192.168.2.54973513.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:35 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:35 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
            ETag: "0x8DC582BA310DA18"
            x-ms-request-id: 915c1ee4-001e-0079-3000-1712e8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153535Z-1657d5bbd48cpbzgkvtewk0wu000000002900000000098eb
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            13192.168.2.54972213.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:36 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:36 GMT
            Content-Type: text/xml
            Content-Length: 3788
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC2126A6"
            x-ms-request-id: 4545068c-701e-0050-0e05-176767000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153536Z-1657d5bbd48tnj6wmberkg2xy8000000024g00000000r8kd
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


            Session IDSource IPSource PortDestination IPDestination Port
            14192.168.2.54973613.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:36 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:36 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
            ETag: "0x8DC582B9018290B"
            x-ms-request-id: bf7deccb-401e-0064-0f0e-1754af000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153536Z-1657d5bbd48sdh4cyzadbb3748000000023g000000002nw4
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            15192.168.2.54973713.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:36 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:36 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
            ETag: "0x8DC582B9698189B"
            x-ms-request-id: 99ffd5e0-b01e-0053-0101-17cdf8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153536Z-1657d5bbd48dfrdj7px744zp8s00000001xg00000000buq7
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            16192.168.2.54973813.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:36 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:36 GMT
            Content-Type: text/xml
            Content-Length: 469
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
            ETag: "0x8DC582BBA701121"
            x-ms-request-id: e72ec3ca-501e-005b-2401-17d7f7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153536Z-1657d5bbd48f7nlxc7n5fnfzh000000001ug00000000a7zq
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            17192.168.2.54973913.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:36 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:36 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:36 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA41997E3"
            x-ms-request-id: 27ba9a72-001e-0046-2a01-17da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153536Z-1657d5bbd48vhs7r2p1ky7cs5w00000002d000000000kq44
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:36 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            18192.168.2.54974013.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8CEAC16"
            x-ms-request-id: c2d0a885-201e-0003-7ced-16f85a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48xsz2nuzq4vfrzg800000001x000000000sd4m
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            19192.168.2.54974113.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 464
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97FB6C3C"
            x-ms-request-id: 5a59384b-a01e-0053-3602-178603000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48jwrqbupe3ktsx9w00000002b000000000gqth
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


            Session IDSource IPSource PortDestination IPDestination Port
            20192.168.2.54974213.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB7010D66"
            x-ms-request-id: d3d0b776-b01e-003d-1803-17d32c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48dfrdj7px744zp8s00000001u000000000p3vm
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            21192.168.2.54974313.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
            ETag: "0x8DC582B9748630E"
            x-ms-request-id: 09392ef7-101e-0046-3f05-1791b0000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48t66tjar5xuq22r8000000026g0000000061q0
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            22192.168.2.54974413.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DACDF62"
            x-ms-request-id: 20b36261-201e-006e-7102-17bbe3000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48q6t9vvmrkd293mg0000000260000000008h54
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            23192.168.2.54974513.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:37 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:37 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:37 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
            ETag: "0x8DC582B9E8EE0F3"
            x-ms-request-id: f57b7c9f-801e-00a0-4a13-172196000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153537Z-1657d5bbd48vhs7r2p1ky7cs5w00000002fg00000000bdcq
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:37 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            24192.168.2.54974713.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 428
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC4F34CA"
            x-ms-request-id: 6be05283-001e-00a2-2700-17d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd482lxwq1dp2t1zwkc00000001wg00000000fxkw
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            25192.168.2.54974613.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C8E04C8"
            x-ms-request-id: 81e42967-c01e-0014-5ee9-16a6a3000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48jwrqbupe3ktsx9w00000002dg0000000078zw
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            26192.168.2.54974813.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 499
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
            ETag: "0x8DC582B98CEC9F6"
            x-ms-request-id: 40323690-a01e-0002-0100-175074000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48cpbzgkvtewk0wu000000002bg000000001a8x
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            27192.168.2.54974913.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B988EBD12"
            x-ms-request-id: c530354f-501e-0016-5013-17181b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48sdh4cyzadbb3748000000021g000000007yn2
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            28192.168.2.54975013.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB5815C4C"
            x-ms-request-id: 7cec3a6f-e01e-0033-3414-174695000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48brl8we3nu8cxwgn00000002gg0000000094cx
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            29192.168.2.54975113.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB32BB5CB"
            x-ms-request-id: d415a278-e01e-0051-6efe-1684b2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48brl8we3nu8cxwgn00000002kg00000000221y
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            30192.168.2.54975213.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:38 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8972972"
            x-ms-request-id: 688d2aae-a01e-0084-3466-179ccd000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48gqrfwecymhhbfm800000000zg00000000d8ey
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:38 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            31192.168.2.54975313.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:38 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:38 GMT
            Content-Type: text/xml
            Content-Length: 420
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DAE3EC0"
            x-ms-request-id: 10df1352-f01e-00aa-105a-178521000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153538Z-1657d5bbd48sdh4cyzadbb374800000001z000000000fn8h
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


            Session IDSource IPSource PortDestination IPDestination Port
            32192.168.2.54975413.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
            ETag: "0x8DC582B9D43097E"
            x-ms-request-id: b27116a7-a01e-003d-3a00-1798d7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd48762wn1qw4s5sd30000000020g00000000eqp7
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            33192.168.2.54975513.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
            ETag: "0x8DC582BA909FA21"
            x-ms-request-id: a62739ea-301e-005d-6402-17e448000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd48xlwdx82gahegw4000000002e0000000004qan
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            34192.168.2.54975613.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
            ETag: "0x8DC582B92FCB436"
            x-ms-request-id: b8f8ddc8-601e-0001-115a-17faeb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd48lknvp09v995n79000000001ug00000000a1tx
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            35192.168.2.54975713.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 423
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
            ETag: "0x8DC582BB7564CE8"
            x-ms-request-id: a2d01d3c-801e-0083-4800-17f0ae000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd48vhs7r2p1ky7cs5w00000002eg00000000em8r
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


            Session IDSource IPSource PortDestination IPDestination Port
            36192.168.2.54975813.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 478
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
            ETag: "0x8DC582B9B233827"
            x-ms-request-id: 4dd19665-401e-005b-7705-179c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd482tlqpvyz9e93p5400000002900000000092k4
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            37192.168.2.54975913.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:39 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:39 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:39 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
            ETag: "0x8DC582B95C61A3C"
            x-ms-request-id: 151ca1e1-401e-0029-2b03-179b43000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153539Z-1657d5bbd48vlsxxpe15ac3q7n000000026g00000000565e
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:39 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            38192.168.2.54976013.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:40 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
            ETag: "0x8DC582BB046B576"
            x-ms-request-id: db28b7eb-d01e-0065-5efe-16b77a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48brl8we3nu8cxwgn00000002eg00000000fawv
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:40 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            39192.168.2.54976113.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:40 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 400
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2D62837"
            x-ms-request-id: 53f69819-801e-0048-7802-17f3fb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48dfrdj7px744zp8s0000000210000000000mcp
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:40 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


            Session IDSource IPSource PortDestination IPDestination Port
            40192.168.2.54976213.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:40 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
            ETag: "0x8DC582BB7D702D0"
            x-ms-request-id: 1be548a6-001e-00a2-4166-17d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48sqtlf1huhzuwq7000000001zg000000003upz
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:40 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            41192.168.2.54976313.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:40 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 425
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
            ETag: "0x8DC582BBA25094F"
            x-ms-request-id: 678daa67-201e-00aa-3f60-173928000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48q6t9vvmrkd293mg000000022g00000000ke1r
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:40 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


            Session IDSource IPSource PortDestination IPDestination Port
            42192.168.2.54976413.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:40 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 475
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2BE84FD"
            x-ms-request-id: c5dbf9be-001e-0017-2cf1-160c3c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48sdh4cyzadbb3748000000021g000000007yqr
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:40 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            43192.168.2.54976513.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:40 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:41 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:40 GMT
            Content-Type: text/xml
            Content-Length: 448
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB389F49B"
            x-ms-request-id: 5a5a1e5c-a01e-001e-18f5-1649ef000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153540Z-1657d5bbd48t66tjar5xuq22r8000000020g00000000scgz
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:41 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


            Session IDSource IPSource PortDestination IPDestination Port
            44192.168.2.54976613.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:41 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:41 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:41 GMT
            Content-Type: text/xml
            Content-Length: 491
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B98B88612"
            x-ms-request-id: 721d8bd8-801e-002a-4f00-1731dc000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153541Z-1657d5bbd482lxwq1dp2t1zwkc00000001yg000000008tv1
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:41 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            45192.168.2.54976713.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:41 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:41 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:41 GMT
            Content-Type: text/xml
            Content-Length: 416
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
            ETag: "0x8DC582BAEA4B445"
            x-ms-request-id: cb78c1b2-201e-003f-2e04-176d94000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153541Z-1657d5bbd48lknvp09v995n79000000001r000000000mnuz
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:41 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


            Session IDSource IPSource PortDestination IPDestination Port
            46192.168.2.54976813.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:41 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:41 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:41 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B989EE75B"
            x-ms-request-id: 27b6de9f-001e-0046-1e00-17da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153541Z-1657d5bbd48vlsxxpe15ac3q7n000000027g0000000027zk
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:41 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            47192.168.2.54976913.107.246.60443
            TimestampBytes transferredDirectionData
            2024-10-06 15:35:41 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 15:35:41 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 15:35:41 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: cc92db4a-701e-0053-3460-173a0a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T153541Z-1657d5bbd48gqrfwecymhhbfm800000000x000000000pkgm
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 15:35:41 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Statistics

            CPU Usage

            Click to jump to process

            Memory Usage

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            General

            Target ID:0
            Start time:11:35:11
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:2
            Start time:11:35:15
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 --field-trial-handle=2176,i,18000082248122258281,17991802055432025965,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:3
            Start time:11:35:17
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-bkisbjls.xyz/update/"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true

            Disassembly

            No disassembly